Skip to content
HISPANIC, VETERAN OWNED & OPERATED CYBERSECURITY BUSINESS

The Jadex Strategic Group’s Cyber Watchtower cybersecurity service is built upon the extensive Microsoft security and compliance infrastructure. We implement a set of best practices and recommendations from Microsoft that cover key security domains, such as identity and access management, data protection, device management, threat protection, and cloud security.

With Watchtower you can expect a reduced risk of security breaches, data loss, and regulatory violations, by aligning with industry standards, and frameworks, such as NIST, CIS, GDPR, HIPAA, PCI DSS, and others.

WHAT IS INCLUDED?

Monitoring, Reporting and Support

All of the Cyber Watchtower service packages start with 3 monthly support cases. Additional support cases are available as a supplemental service.

Service Details

Expand the dropdown items to learn more about what is included with Cyber Watchtower.

Create Conditional Access policy to require MFA for admins
 
Description
A Conditional Access policy is a rule evaluated at user login that grants or denies access to organizational resources. Conditional Access policies use signals present during login to restrict access when an expected criteria is not met. Examples of signals used to define Conditional Access policies include the user's inferred geographic location, the application being accessed by the user, and the presence or absence of a Multi-Factor Authentication response.
 
User impact
Users assigned to administrative roles will need to register for multifactor authentication.

Create Conditional Access policy to require MFA for users

Description
A Conditional Access policy is a rule evaluated at user login that grants or denies access to organizational resources. Conditional Access policies use signals present during login to restrict access when an expected criteria is not met. Examples of signals used to define Conditional Access policies include the user's inferred geographic location, the application being accessed by the user, and the presence or absence of a Multi-Factor Authentication response.
 
User impact
Deployment of this task will require all users to authenticate using a second factor. You can specify inclusions and exclusions by user or group.

Create Conditional Access policy to block legacy authentication

Description
A Conditional Access policy is a rule evaluated at user login that grants or denies access to organizational resources. Conditional Access policies use signals present during login to restrict access when an expected criteria is not met. Examples of signals used to define Conditional Access policies include the user's inferred geographic location, the application being accessed by the user, and the presence or absence of a Multi-Factor Authentication response.

User impact
Users will not be able to access data on legacy client apps that do not support modern authentication.

Configure Entra ID for joining devices

Description
This task will configure the device registration policy in Entra ID. Device registration with Entra ID enables automatic device enrollment into Intune.

User impact
This group of tasks enables device management through Microsoft Intune and Entra ID. Devices will automatically enroll in Intune when a work or school account is configured. Device health and compliance metrics will be sent to Microsoft Intune and Jadex Cyber Watchtower.

Configure device enrollment

Description
This task will configure Azure Active Directory to use Microsoft Intune for device management.

User impact
This group of tasks enables device management through Microsoft Intune and Azure Active Directory. Devices will automatically enroll in Intune when a work or school account is configured. Device health and compliance metrics will be sent to Microsoft Intune and Jadex Watchtower.

Enable Intune Endpoint Analytics

Description
This task enables Intune Endpoint Analytics, which proactively monitors the health of your tenant's enrolled devices. Endpoint Analytics collects device event information from supported Windows 10 or later devices and provides recommendations to improve device performance and application responsiveness. You can view Endpoint Analytics data in both Microsoft Intune and Jadex Watchtower.

User impact
This group of tasks enables device management through Microsoft Intune and Entra ID. Devices will automatically enroll in Intune when a work or school account is configured. Device health and compliance metrics will be sent to Microsoft Intune and Jadex Watchtower.

Collect Windows event logs

Description
Deployment of this task creates a Microsoft Intune Proactive Remediation that forwards Windows event logs to Jadex Watchtower. You can view and analyze events to troubleshoot device issues. To retain device connectivity to Jadex Watchtower, this task must be redeployed annually.

User impact
This group of tasks enables device management through Microsoft Intune and Entra ID. Devices will automatically enroll in Intune when a work or school account is configured. Device health and compliance metrics will be sent to Microsoft Intune and Jadex Watchtower.

Provision Microsoft Defender

Description
This task will provision the tenant with Microsoft Defender for Business. Once provisioned, the tenant will be ready to onboard devices and use Microsoft Defender for Business capabilities. It may take a few minutes after provisioning is complete before Microsoft Defender for Business capabilities are ready for use.​

User impact
Once Microsoft Defender for Business is provisioned in your tenant, onboarded devices will be protected from threats and attacks.

Automatically onboard devices to Microsoft Defender using Microsoft Intune

Description
This task sets up a connection between Microsoft Defender for Business and Microsoft Intune. All Intune-enrolled Windows devices will be automatically onboarded to Microsoft Defender for Business.

User impact
Once Microsoft Defender for Business is provisioned in your tenant, onboarded devices will be protected from threats and attacks.

Configuration OneDrive policy for Windows 10 and later

Description
Configure OneDrive policy settings for customer tenants to better protect their company data. This sets sharing limitations for users to protect company data and also enables smart sign-in and disk space optimization.

User impact
Once deployed, OneDrive is set up by default on the customer tenant's Windows devices and the company-preferred policies are applied without the option to turn them off.

Configure Microsoft Defender Antivirus for Windows 10 and later

User impact
Microsoft Defender Antivirus runs in the background, ensuring that Windows users are protected from threats, such as viruses and malware.

Configure a Microsoft Defender Firewall policy for Windows 10 and later
 

Description
Microsoft Defender Firewall helps secure users by determining which network traffic can be sent and received by their devices. Blocking unauthorized network traffic reduces the risk of network security threats and protects intellectual property.

User impact
Microsoft Defender Firewall will prevent unauthorized incoming and outgoing network traffic on user devices.
Configure Windows Feature Update policy settings for Windows 10 and later
 

Description
Configure policy settings for Windows Update Rings to ensure your customer tenants' devices are up to date with the latest fixes and security improvements to better protect them against harmful threats and to give them access to the latest Windows features.

User impact
Once this policy is configured and applied to your customer tenants' devices, Windows feature updates will be downloaded to the device.
Enable Standard protection profile to apply EOP and MDO protections
 

Description
This process creates a standard protection profile that includes policies for anti-spam, anti-malware, anti-phishing, advanced anti-phishing, safe links, and safe attachments.

User impact
Exchange Online Protection (EOP) helps protect your organization against spam, malware, phishing, and other email threats. EOP helps keep malicious email out of user inboxes. Microsoft Defender for Office 365 (MDO) helps protect your organization from malicious threats in email messages, links (URLs), and collaboration tools.

Set up notifications for noncompliant devices​

Description
When Microsoft Intune detects that a managed device is not in compliance with configured policies, the owner of the device will receive an e-mail with instructions on how to remedy the issue.

User impact
Windows 10 and later devices that don't meet the specified requirements are marked as noncompliant. When device compliance policies are enforced, noncompliant devices cannot be used to access tenant data.

Configure a device compliance policy for Windows 10 and later
 

Description
With device compliance policies in Microsoft Intune, you can define the rules and requirements that devices must meet to be considered compliant. For example, you can specify a minimum operating system version. This task deploys policy settings that help safeguard tenant data.

User impact
Windows 10 and later devices that don't meet the specified requirements are marked as noncompliant. When device compliance policies are enforced, noncompliant devices cannot be used to access tenant data.

Configure Microsoft Edge profile for Windows 10 and later
 

Description
Microsoft Edge policies support a rich set of features and provide optimal browser performance. In addition, Microsoft Edge gives users better security than other browsers. This includes blocking malware and phishing attempts, site reputation checks, download protections, and password security.

User impact
After these policies are applied to your tenants' devices, they will be better protected when browsing the web and working online, without affecting their ability to carry out normal operations. Microsoft Edge's modern security has the depth and breadth needed to protect modern web sites and legacy web apps.

Service Benefits

Experience unparalleled service excellence with our all-inclusive, transparent, and budget-friendly solutions that prioritize your security and success.

PRICING

Requirements
1 Owner and/or up to 15 Volunteers
 
Service Costs:
$69.99 per month
 
Licensing Costs:
$22.00+ per user/per month
(501.3c Nonprofits are likely to receive free granted/discounted licenses from Microsoft)
Requirements
2 – 349 employees
 
Service Costs:
$99.99 per month
 
Licensing Costs:
$22.00+ per user/per month
 
 
Requirements
350 – 2499 employees
 
Service Costs:
$499.99 per month
 
Licensing Costs:
$22.00+ per user/per month
 
 
Requirements
Operate in any of CISA’s Critical Infrastructure Sectors
 
Service Costs:
$1999.99 per month
 
Licensing Costs:
$22.00+ per user/per month
Requirements
Operate in any of CISA’s Critical Infrastructure Sectors
 
Service Costs:
$5999.99 per month
 
Licensing Costs:
$22.00+ per user/per month

Company Details

Contact

Codes & Certs