The rise of cloud adoption and remote work has fundamentally transformed the role of the traditional corporate IT network. Today, employees are scattered all over the world and accessing sensitive company information on a range of devices. This gives rise to a wide range of cybersecurity risks – everything from unauthorised applications (also known as Shadow IT) to insecure personal devices, creating potential entry points for would-be cybercriminals.

Adopting a Zero-Trust approach (where every company access request is authorised and users are given just enough access to perform their roles) is vital. However, managing Zero-Trust protocols across hybrid cloud and on-premise environments can be highly complex. This is where Microsoft Entra Global Secure Access (Entra GSA) can help.

In this article, we spoke to Atech’s Charlie Gough, Head of Pre-Sales and Microsoft MVP in Security to discuss Entra GSA’s features and benefits and explain how our cybersecurity expertise can help you develop and implement a robust cybersecurity roadmap that adapts to your evolving remote working needs. Read on to learn more.

How Entra GSA centralises security for Microsoft 365 users

For decades, companies relied on VPNs and firewalls to create a secure perimeter around their IT network. This ‘castle and moat’ approach assumes that every employee and device within the perimeter can be trusted. However, with the rise of remote work, securing the perimeter is no longer enough. The influx of employees accessing workplace networks from public WiFi, and using personal devices and technologies (like generative AI apps) creates cybersecurity blind spots and expands an organisation’s attack surface exponentially.

Many organisations currently rely on a multitude of security applications to address these challenges. Charlie estimates that the average enterprise IT system could deploy as many as 70 security management tools. He notes that deploying point solutions often requires integration support, hinders companies’ ability to automate security, and creates “vulnerabilities in-depth.”

He explained that “vulnerabilities in-depth” refers to many disparate security systems creating additional gaps and complexities in an organisation’s security posture –– putting their company data at even greater risk.

Fortunately, Entra GSA offers a cloud-based Zero-Trust solution that seamlessly integrates with your existing Microsoft security technologies. Here is a quick rundown of some of its benefits:

• Unified security management: Entra GSA unifies existing Microsoft security solutions like Defender for Office 365 and Identity Protection, eliminating the need for organisations to perform complex integrations and streamline security operations.
• 360-degree visibility: Entra GSA provides a holistic view of device compliance and user activity, helping security teams make informed decisions to protect their organisations.
• Real-time threat response: Entra GSA leverages Microsoft Graph for real-time data sharing. This means that it can instantly identify a range of threats (e.g., malware and phishing attacks) and deploy necessary protocols to mitigate them.

Entra GSA is currently in public preview, which means that features and functionalities are subject to change. However, the current version in testing has been proven to address the challenges of Shadow IT, vulnerabilities in-depth and securing a Zero-Trust environment. When the Microsoft security solution becomes publicly available, Entra GSA will make it easy for companies to provide secure and controlled access to company systems regardless of user location and device.

Atech’s holistic approach to minimising your attack surface

Charlie recommends that most organisations adopt a multi-layered approach to addressing ever-evolving cybersecurity challenges. This may involve incorporating firewalls, threat detection, data encryption, and implementing extensive user training.

“Navigating security configuration can be daunting. As a Microsoft-first partner and MISA member, Atech has the expertise to simplify this process and ensure your implementation is tailored to your specific needs. Our experience working with the product team and our deep understanding of Microsoft security solutions will allow us to integrate Entra GSA seamlessly into your existing security posture, minimising your attack surface and maximising its effectiveness.” – Charlie Gough, Atech Head of Pre-Sales and Security MVP.

Charlie explained that the Atech team is currently consulting with a large global energy company about its plans to modernise its security posture and potentially remove legacy VPNs in favour of Entra GSA. Charlie added: “Once we have implemented the solution, we will test and optimise the IT environment to ensure the company is getting the most value from its investments.”

Harness our deep Microsoft expertise to shore up your defences

While specific Microsoft security solutions like Entra GSA might not be immediately deployable, our awareness of the evolving security landscape helps you perfect your long-term security strategy.

First, we assess your current security provisions, understand your business goals, and help you make a compelling case for security modernisation. Next, we build a custom implementation roadmap that minimises operational disruptions and ensures you’re smoothly onboarded to the new Microsoft security solution.

If you would like to start planning ahead and getting ready for Entra GSA too, get in touch with our security team now. We would be happy to take you through our tailored Microsoft Cybersecurity Assessment and start you on your journey.

Alternatively, you may wish to sign up for our Guardian Business or Enterprise Managed Security Operation Service (SOC). Our dedicated team (holding a combined total of over 250 Microsoft certifications) provides round-the-clock protection and ensures that you always stay on top of the latest threats and Microsoft security solutions.