Microsoft Modern Workplace Services

Security and Compliance

GBG tailors Microsoft Modern Workplace Services, security and compliance solutions for your unique workplace through the following:

Understanding the Egyptian Data Protection Law: Microsoft Modern Workplace Services

The Egyptian Data Protection Law is designed to regulate the handling of personal data for both citizens and residents of Egypt. This law applies to all individuals and organizations that collect, process or store personal data of Egyptian nationals or non-Egyptian residents living in the country, regardless of their nationality or place of residence. Its main goal is to protect individual privacy rights by enforcing strict guidelines on data collection, usage, and sharing. In doing so, the law promotes a secure and trustworthy digital environment in Egypt.

GBG can help to ensure you comply with EDPL by:

• Performing gap analysis that covers people, business, and processes. 
• Providing a road map on how to overcome any gaps found. 
• Creating necessary policies, procedures, and guidelines. 
• Completing risk assessments.
• Developing incident response practices. 

GBG has a wide set of technologies from different vendors, such as Microsoft, Palo Alto, One Identity, Stealth Bits, and Clear Swift, that can help you to ensure data protection and defense against attack attempts.

The solutions cover:

• Identity and access management.
• Threat protection
• Data protection
• Device management.
• Security operation, incident response and penetration testing. 

Mapping the best solution for your needs shall be done after risk assessment. 

Empowering Your Remote Workforce with Endpoint Device Management With Microsoft Modern Workplace Services

Today’s employees expect to have the ability to utilize their IT assets from anywhere, 24/7.  The challenge is to ensure that these assets are securely and seamlessly managed so that your business can focus on what it does best, whether that is in the office, on the road, at a client’s site, or at home.  

• Imagine having a product that can manage all your end-user devices and apps, anywhere, anytime.
• Imagine having a consulting service that grows and moves with your business as you need it. 
• The end-user management experts at GBG can make your always-on environment a reality with our endpoint management solutions. 

Understanding ISO 27001 Gap Analysis for Information Security Management

ISO 27001 is the international standard that sets out the specifications for an Information Security Management System (ISMS). Its best-practice approach helps organizations manage their information security by addressing people and processes, as well as technology.

• ISO 27001 formally specifies how to establish an Information Security Management System (ISMS). 
• The adoption of an ISMS is a strategic decision. 
• The design and implementation of an organization’s ISMS are influenced by its business and security objectives, its security risks and control requirements, the processes employed, and the size and structure of the organization.
• The ISMS will evolve systematically in response to changing risks.
• Compliance with ISO 27001 can be formally assessed and certified. A certified ISMS builds confidence in the organization’s approach to information security management among stakeholders.
• ISO 27002 is a “Code of Practice” recommending a large number of information security controls. 
• Control objectives throughout the standard are generic, high-level statements of business requirements for securing or protecting information assets.
• The numerous information security controls recommended by the standard are meant to be implemented in the context of an ISMS, in order to address risks and satisfy applicable control objectives systematically.
• Compliance with ISO 27002 implies that the organization has adopted a comprehensive, good-practice approach to securing information.

Virtual CISO: Your Outsourced Security Leadership

The vCISO is a security practitioner who uses the culmination of their years of cybersecurity and industry experience to help organizations with developing and managing the implementation of the organization's information security program.
A vCISO is an outsourced service that provides security leadership to the organization’s IT and security teams, in addition to advice and assurance to the board. The vCISO collaborates with and advises clients' IT departments and helps customers maintain and secure their existing IT infrastructure.
A vCISO’s Main Duties:

• Review regular penetration tests and vulnerability scans. 
• Conduct risk assessments on any major changes in IT, security systems or business processes that can introduce security risks to the environment.
• Reviewing and revising current security policies and procedures, and recommending changes or additions of new procedures.
• Making recommendations for replacing/reinforcing current security tools, resources, and policies.
• Overseeing the development and implementation of an information security program, and benchmarking the security posture of the organization with a globally known framework of choice that aids compliance with regulations that may be in the scope of business operations.
• Orchestrating security incident responses in case of cyberattacks.

Enhance Your Company's Security with GBG's 360 Microsoft Modern Workplace Services

GBG’s Microsoft 365 security management service is an affordable and structured offering, consisting of a workshop to determine your company’s security profile requirements, and enabling Microsoft 365 security aspects to align with your requirements.

• Security profiling workshop
• Product licenses per user
• Cloud services enablement
• Cloud identity and security
• Security enablement based on profiling
• 12-month security management service to manage tenant health, security compliance and data protection
• 8×5 service-level agreement

Vulnerability Assessment Services by GBG

A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures, and providing the organization doing the assessment with the necessary knowledge, awareness and risk background to understand the threats to its environment and to react appropriately.

Success starts with security. Choosing the right security partner should never carry the same stress as having to deal with a security breach.

The most effective way to protect against exposure to vulnerabilities is to develop intelligence around your assets via assessment, and to harden these systems to minimize your attack landscape.

The GBG team has in-depth knowledge and experience across several next-generation solutions that are redefining the way that the world looks at information security.

This offering includes the following deliverables:

• Multi-layered security, where we ensure identity, on-premise and cloud-based assets and all-important network edge is no longer a pipe dream but rather a reality.
• Information security gap assessments and remediation roadmap development.
• Cybersecurity testing and improvement service.
• Information security training and awareness.
• Platform and network security assessments and vulnerability scanning.

Identity Theft Protection through Microsoft 365 Compliance

Identity Theft Protection:

• Ongoing monitoring, rapid alerts, and recovery services
• Automate the detection and remediation of identity-based risks.
• Investigate risks using data in the portal.
• Export risk detection data to third-party utilities for further analysis

Microsoft Solutions Security Baseline and Active Directory Hardening

We can help you to apply the security baseline for all Microsoft products, for example:

• Operating System Hardening
  Applying a security baseline that contains recommended settings that Microsoft suggests for Windows workstations and servers, to provide secure configuration and to protect domain controllers, servers, computers and users. Microsoft has developed a Group Policy Objects reference and templates based on the security baselines by using Intune.
  
• Active Directory Hardening
  This active directory hardening design helps in protecting against the following attacks:
  • Pass the hash / Pass the ticket
  • Privilege escalation
  • Credential theft
  • Host intrusion
  • Lateral traversal

The following security concepts are considered during this design:

1. Limiting administrator account usage.
2. Creating different passwords for each local administrator.
3. Lowering privileges by limiting users’ permissions and rights to only what is necessary.

Microsoft Modern Workplace Services Security Services for Business Efficiency and Protection.

• Software as Service model provides guaranteed reliability and uptime in secure Microsoft datacenters with the highest industry-leading certifications for governance and security
• Easy to grow and shrink depending on your requirements to enable your business to use its IT services in a cost-effective usage-based model
• Integrate and manage existing IT environments without removing current systems while allowing your business to grow into the cloud in a secure and structured way

You can Stay secure and productive anywhere, on any device, with identity and intelligence-driven intelligence.

• Azure Active Directory Premium
• Microsoft Intune
• Azure Information protection
• Microsoft Cloud App Security
• Microsoft Advanced Threat Protection
• Microsoft Secure Score
• Microsoft Defender Advanced Threat Protection

Collaboration

GBG offers tailored collaboration solutions to meet your daily operational needs, including a range of tools designed to boost productivity.

GBG's Attendance Application: Secure, Accurate, and Cost-effective

GBG supports the National Initiative to STOP using fingerprints by enabling employees to sign in/out from anywhere.

• High accuracy & security
• Cost-effective
• Prevents “buddy punching”
• Enables location tracking
• Comprehensive reporting

Learning and Development Application

GBG provides an effective training platform that allows access from anywhere with these key features:

IT Ticketing System

Keep track of customer requests so your team can stay organized, easily prioritize work, and find solutions for customers faster. Our key features include conversations, tickets, automation & routing, live chat, team email, conversational bots, reporting, inventory management, and metrics reporting.

With GBG IT Ticketing Systems, you can:

• Log, organize, and keep track of customer issues all in one place
• Create New Case with Easy Way
• Automate tickets to create a help desk
• Prioritize requests, so critical issues get resolved faster

Meeting Room Reservation System

Schedule and manage online bookings for meeting rooms, internal spaces, and offices. GBG tailors a reservation platform with the following key features:

• Outlook calendar integration for access anytime and anywhere
• Chatbot services over a secure communication

Voice and Video Calling with Microsoft Teams

GBG certifies only select SBC vendors to ensure they are compatible with our Direct Routing guidelines. Our Direct Routing offers you the choice of staying with your existing telephony provider while using Microsoft Teams' calling capabilities. Our solutions enable 3rd party applications integration with the following:

• Easy Transition to Calling in Teams
• Telephony System Inter/Op
• Support for Analog Devices

Chatbots

Improve your employee experience with chatbots designed to support HR needs. GBG’s chatbots extend support through the following:

• Knowledge based response
• Query submission posted to a pre-configured team who acts upon the notification when the programmed response is unavailable
• Link suggestions to recommended HR policies by using pre-configured tags in questions