Central Power Systems & Services, founded in 1954, specializes in power generation, power distribution, industrial engines, and heavy equipment services. With over 400 employees and 22 locations, they provide comprehensive support and solutions for various industries, including construction, agriculture, and transportation
Case Study: Microsoft 365 Systems Security Hardening for Central Power
Summary
Jadex Strategic Group (Jadex) partnered with Central Power Systems & Services (Central Power), a leading provider of power solutions and services, to enhance the security of their Microsoft 365 environment. Recognizing the critical need for robust cybersecurity measures, Central Power, known for its extensive range of electrical and power system solutions, engaged Jadex to perform comprehensive baseline protections for their Microsoft environment. This collaboration aimed to secure various components within Central Power’s Microsoft 365 tenant, ensuring heightened protection against emerging threats while maintaining operational efficiency.
Challenge
Central Power faced significant challenges in securing their Microsoft 365 environment. With increasing cyber threats, it became imperative to implement stringent security measures across multiple platforms including Exchange Online, SharePoint, OneDrive, Teams, and Entra ID (formerly Azure Active Directory). Additionally, Central Power required advanced threat protection and Microsoft Defender systems to safeguard sensitive data and ensure compliance with industry standards. The complexity of the environment and the need for coordinated efforts across various services necessitated a structured and thorough approach.
Strategy
Jadex deployed a strategic approach to address Central Power’s security needs through outlined specific activities, tasks, and key strategies including the following:
Initial Setup and Configuration
- Conducting a meeting to establish goals, define roles, and verify timeline.
- Gathering necessary data like reviewing existing Microsoft licenses and other software involved.
Systems Hardening Activities
- Configuring and hardening Microsoft 365 Admin Center, Exchange Online, SharePoint, OneDrive, Teams, Defender, and Entra ID.
- Implementing advanced threat protection measures and Microsoft Defender for Office and Microsoft Defender for Endpoints.
- Establishing multi-factor authentication (MFA), conditional access policies, identity protection, modern authentication protocols, anti-phishing policies, and anti-malware policies.
Ongoing Coordination
- Providing a Jadex Technical Lead to manage communications and technical activities throughout the project.
- Supporting with Domain Name System (DNS) and other software vendors.
Data Collection and Review
- Collecting and verifying necessary information to proceed with system hardening tasks.
- Creating and configuring organizational policies and settings to align with best practices.
Results
The collaboration between Jadex and Central Power resulted in a significantly increased Microsoft secure scores across main areas of Zero Trust and in the Microsoft 365 environment like devices, identities, apps, and data. Key achievements included:
- Enhanced security configurations across all Microsoft 365 services.
- Improved protection against email spam, identity compromise, and other cyber threats.
- Secure and compliant data handling practices, including stringent access controls and Information Rights Management (IRM) implementation.
- Effective use of advanced threat protection systems and Microsoft Defender to safeguard against potential vulnerabilities.
Central Power now benefits from a robust and secure Microsoft 365 environment, ensuring their operations are well-protected against evolving cyber threats while maintaining compliance with industry standards. The project not only fortified their cybersecurity posture but also provided a scalable framework for future security enhancements.
By leveraging Jadex’s expertise, Central Power was able to transform their security landscape, demonstrating a commitment to safeguarding their critical assets and maintaining operational resilience.