|Long description||Risky Users and Risky sign-ins monitoring is an ongoing service that helps businesses monitor and detect potential risks on time before a serious issue occurs.|
Managing privileged users who have high-level access to your data is essential to keep your data secure. Our engineers will help you identify and manage risky users as well as protect your Microsoft 365 environment from risky sign-ins. With the help of Microsoft tools, it is easy to identify if the user risk score was a false positive or the user risk was remediated with policy enforcement such as completing an MFA prompt or secure password change. Our goal is to help you protect your confidential data and proactively monitor your users` activity by providing you with all the information you need:
- Which users are at risk, have had risk remediated, or have had risk dismissed?
- Details about detections.
- History of all risky sign-ins.
- Risk history.
IT Partner responsibilities #
- IT Partner monitors user activity, and signals from security tools to identify events that merit attention and leverage machine learning and behavioral analytics to reduce false positives and alert fatigue, discover hard-to-detect complex events like lateral movement, insider threats and data exfiltration.
- IT Partner prioritizes, selects the most important alerts, and investigates them further. Real security incidents are passed to the customer.
- IT Partner staff assesses the attack and mitigation steps, gathers additional forensic data and finalizes auditing and documentation.
- Microsoft 365 tenant
- The customer connects to IT Partner monitoring system.
- IT Partner engineers manage continuous monitoring of risky users and risky sign-ins.
Risky Users and Risky sign-ins monitoring involves continuous monitoring, responds to suspicious attempts and communicating risk and performance data to the customer.
Success criteria #
This service is provided on an ongoing basis with a regular monthly fee and results in customer`s full awareness of what is happening across different parts of the organization. Risky Users and Risky sign-ins monitoring includes tracking identified risks, discovery of new risks, evaluating risk process effectiveness and successful risk management throughout the project.