Cybersecurity Package

The power of microlearning combined with cyber security training for employees.

Prepared by cybersecurity professionals, Cybersecurity package essentially is cyber security training for employees that contains schedulable quizzes to help sustain employee cybersecurity awareness.

Strengthen existing cybersecurity knowledge

Asses employee cybersecurity knowledge

Adjust cybersecurity education initiatives accordingly

Cybersecurity package can be used together with other cybersecurity campaigns like formal training and/or social engineering campaigns to achieve an even deeper employee understanding and knowledge of existing cybersecurity threats.

Regular updates based on real-world threat environments will effectively provide users with an endless supply of unique content on the per-employee level. 

Intervy will act as a constant reminder highlighting the importance of cybersecurity to employees, while giving IT security managers the opportunity to assess the performance of other cybersecurity initiatives and adjust them based on detected changes in response patterns.

Key Zero Trust principles applied to Intervy

Intervy is built it in line with the Zero Trust architecture principles. There is no state of absolute security, it is a journey rather than an end goal. A journey you absolutely must take to survive in the current world climate. 

1. Architectural awareness

When designing Intervy, we are aware of each architectural component. This helps us to identify all the resources used and prevent potential risks in the architecture. 

2.Identify every event

We ensure that every identity representing a user, service, or device is uniquely identified. This helps us monitor user behavior, the device, and service health. We use a centralized SIEM (Security and Information Event Management) solution to track, hunt, and respond to security events. Just like Intervy, SIEM is cloud-native but architecturally separated to ensure data preservation and response capabilities in case of disruption to the application itself. 

3.Use of policies
Each request for data or services is authorized by a policy. For every authorization request, there are specific Just-in-Time and Just-Enough-Access (JIT/JEA) policies in use.
4. Authenticate & authorize everywhere

Since Intervy works as a Microsoft Teams app, all users are authenticated by Microsoft 365 Single Sign-on (SSO) without requiring them to enter additional login credentials, reducing the risk associated with additional passwords to access Intervy. We recommend that you enforce Multi-Factor Authentication through Microsoft to increase the security of your credentials and in turn the security of the data you store on Intervy.

5.Don’t trust any network

All Intervy data is encrypted both in transit (using TLS 1.2+) and at rest when stored in databases. In addition to the physical layer of protection provided by the Microsoft Azure platform, access to Intervy production environments is fully logged, audited, and restricted to a limited number of technical personnel during an incident investigation or limited set of maintenance works. Intervy development is performed in entirely separate environments without use or access to customer data.

6. Choose services designed for Zero Trust
Intervy was born in the cloud. All data is stored in highly secure Microsoft Azure datacenters, pinned to the EU locations. Microsoft Azure is designed with Zero Trust principles in heart.

© 2022 All Rights Reserved