Menu
Cybersecurity Package
The power of microlearning combined with cyber security training for employees.
Prepared by cybersecurity professionals, Cybersecurity package essentially is cyber security training for employees that contains schedulable quizzes to help sustain employee cybersecurity awareness.
Strengthen existing cybersecurity knowledge
Asses employee cybersecurity knowledge
Adjust cybersecurity education initiatives accordingly
Cybersecurity package can be used together with other cybersecurity campaigns like formal training and/or social engineering campaigns to achieve an even deeper employee understanding and knowledge of existing cybersecurity threats.
Regular updates based on real-world threat environments will effectively provide users with an endless supply of unique content on the per-employee level.
Intervy will act as a constant reminder highlighting the importance of cybersecurity to employees, while giving IT security managers the opportunity to assess the performance of other cybersecurity initiatives and adjust them based on detected changes in response patterns.
Key Zero Trust principles applied to Intervy
Intervy is built it in line with the Zero Trust architecture principles. There is no state of absolute security, it is a journey rather than an end goal. A journey you absolutely must take to survive in the current world climate.
1. Architectural awareness
When designing Intervy, we are aware of each architectural component. This helps us to identify all the resources used and prevent potential risks in the architecture.
2.Identify every event
We ensure that every identity representing a user, service, or device is uniquely identified. This helps us monitor user behavior, the device, and service health. We use a centralized SIEM (Security and Information Event Management) solution to track, hunt, and respond to security events. Just like Intervy, SIEM is cloud-native but architecturally separated to ensure data preservation and response capabilities in case of disruption to the application itself.
3.Use of policies
Each request for data or services is authorized by a policy. For every authorization request, there are specific Just-in-Time and Just-Enough-Access (JIT/JEA) policies in use.4. Authenticate & authorize everywhere
Since Intervy works as a Microsoft Teams app, all users are authenticated by Microsoft 365 Single Sign-on (SSO) without requiring them to enter additional login credentials, reducing the risk associated with additional passwords to access Intervy. We recommend that you enforce Multi-Factor Authentication through Microsoft to increase the security of your credentials and in turn the security of the data you store on Intervy.
5.Don’t trust any network
All Intervy data is encrypted both in transit (using TLS 1.2+) and at rest when stored in databases. In addition to the physical layer of protection provided by the Microsoft Azure platform, access to Intervy production environments is fully logged, audited, and restricted to a limited number of technical personnel during an incident investigation or limited set of maintenance works. Intervy development is performed in entirely separate environments without use or access to customer data.