Prepared by cybersecurity professionals, this package contains quizzes to help sustain employee awareness. It can be implemented together with other cybersecurity campaigns in your organization (formal training, social engineering campaigns, etc.) Regular updates based on real-world threat environments will effectively provide an endless supply of unique content on the per-employee level. Not only will it be a constant reminder highlighting the importance of cybersecurity to your employees, but you will also be able to use data from Intervy to assess the performance of other cybersecurity initiatives and adjust them based on detected changes in response patterns.
When designing Intervy, we are aware of each architectural component. This helps us to identify all the resources used and prevent potential risks in the architecture.
We ensure that every identity representing a user, service, or device is uniquely identified. This helps us monitor user behavior, the device, and service health. We use a centralized SIEM (Security and Information Event Management) solution to track, hunt, and respond to security events. Just like Intervy, SIEM is cloud-native but architecturally separated to ensure data preservation and response capabilities in case of disruption to the application itself.
Since Intervy works as a Microsoft Teams app, all users are authenticated by Microsoft 365 Single Sign-on (SSO) without requiring them to enter additional login credentials, reducing the risk associated with additional passwords to access Intervy. We recommend that you enforce Multi-Factor Authentication through Microsoft to increase the security of your credentials and in turn the security of the data you store on Intervy.
All Intervy data is encrypted both in transit (using TLS 1.2+) and at rest when stored in databases. In addition to the physical layer of protection provided by the Microsoft Azure platform, access to Intervy production environments is fully logged, audited, and restricted to a limited number of technical personnel during an incident investigation or limited set of maintenance works. Intervy development is performed in entirely separate environments without use or access to customer data.