Cybersecurity missions

At Bechtle Comsoft, we believe that ongoing cybersecurity assessment should be the backbone of your security plan. 

Risk management in IT involves analysing potential dangers weighing on your IT projects so that you can either prevent them or deal with them quickly. Through 3 security missions, Bechtle Comsoft considers all risks before taking the necessary measures, improving the general security of the IT infrastructure and optimising the information system.

CYBERSECURITY ASSESSMENT  CYBERSECURTY INFRASTRUCTURE  DATA PROTECTION ASSESSMENT   TRANSITION TO CLOUD  Threat protection

OBJECTVES

• Understanding security needs
• Approval preparation in terms of industrial product regulation compliance
• Defining a data protection strategy
• Defining appropriate software solutions

SERVICE PROCEDURE

• Asset inventory
• Identifying existing threats, vulnerabilities and security measures
• Assessing impacts on business issues
• Assessing the likelihood of potential attacks
• Risk assessment and treatment according to ISO 27005 standard

WHEN

• Organisational change: internal reorganisation, M&A
• Home working deployment
• Technology updates related to new threats
• Designing a new product or service
• ISO 27001 certification renewal

OBJECTIVES

• Cyber security risk assessment for your Microsoft assets: terminals, Microsoft Active Directory, Azure AD and Office 365
• Proposing patches to secure your Microsoft environment

SERVICE PROCEDURE

• Developing a detailed description of the infrastructure
• Scanning the entire perimeter and then retrieving the data (CSAT tool)
• Identifying all software deployed
• Checking, identifying & analysing “at-risk" software including "shadow IT" risks
• Questionnaire on the cybersecurity process (5 areas)
• Methodological approach
• Technology recommendations & process improvement areas

WHEN

• Organisational change: internal reorganisation, M&A
• Home working deployment
• Technology updates related to new threats

DELIVERABLES

Risk analysis report including:

• Map of the 10 critical risks identified for the company
• Cybersecurity Action Plan

Why would I need a backup? 

OBJECTIVES

• Understanding data protection requirements in Office 365
• Defining an Office 365 data protection strategy in the Cloud

SERVICE PROCEDURE

2-hour workshop including:

• Interviewing and identifying problems encountered
• How data protection roles and responsibilities are perceived
• Refresher on regulatory aspects including the mandatory GDPR compliance requirements
• Mapping the existing infrastructure

WHEN

• Organisational change: internal reorganisation, M&A
• Telework deployment
• After purchasing Microsoft Office 365 licences

DELIVERABLES

Documented analysis report including:

• Assessment report
• Expert advice on possible solutions to be implemented

OBJECTIVES

• Understand your customer business objectives and devise priority scenarios to enable secure working, wherever it may be.
• Define activation plans, risks and mitigation measures for successful deployment and adoption.

SERVICE PROCEDURE

2-hour workshop including:

• Presentation Teams
• Security Modules PresentationSSPR/MFA & Conditional Access
• Establishment and prioritisation of use cases
• Establishment of Action Plan

WHEN

• Need for secure remote access

DELIVERABLES

Documented analysis report including:

• Action plan

OBJECTIVES

• Performing threat analysis in the customer's environment.
• Provide Microsoft security value, preferably using product demonstrations.
• Provide recommendations and next steps.

SERVICE PROCEDURE

2-hour workshop including:

• Deployment of test licences for threat scanning on the tenant.
• Setting up the Threat Check for scanning for 2/3 weeks.
• Taking into account the following products: Microsoft 365 Defender, Microsoft Defender for Office 365, Azure Active Directory Identity Protection and Microsoft Cloud App Security.
• After the scan: analysis of the various points raised by the Threat Check

WHEN

• At any moment

DELIVERABLES

Documented analysis report including:

• Remediation recommendations

Chrisross Abouo, Cybersecurity Specialist at Bechtle Comsoft