IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.
Sponsor Content
What does this mean?

Integrated Microsoft Cloud Solutions

Business, Technology, Internet and network concept. Business man working on the tablet of the future, select on the virtual display: CYBER RESILIENCE

How the city of Frisco, Texas, built its cyber resilience with Integrated Microsoft Cloud Solutions.

Ransomware attacks and other cybersecurity threats continue to increase for state and local governments. To combat these growing challenges, it’s imperative for these organizations to integrate security tools and strategies into every stage of IT planning and implementation. In other words, cybersecurity must be “baked in” to every new solution and every modernization effort.

That approach has transformed the security posture for the city of Frisco, Texas.

In recent years, Frisco — a Dallas suburb of over 200,000 and one of the fastest-growing cities in the nation — has taken several steps to modernize its operations and standardize its IT infrastructure. These changes were integral in giving the city the agility it needed to deliver responsive service to constituents and maintain business continuity during the pandemic. And they will enable Frisco to continue to improve service delivery and incorporate artificial intelligence (AI) and other important emerging technologies.

But the city wouldn’t have been able to increase its operational resilience if it hadn’t also focused on building its cyber resilience.

Implementing Microsoft’s suite of integrated solutions, which incorporates robust multilayered security, has helped the city automate various security tasks, access analytics that facilitate proactive threat detection and response, and build a more secure, future-ready enterprise.

DEALING WITH A FRAGMENTED SECURITY ECOSYSTEM

Before implementing Microsoft solutions, Frisco faced several cybersecurity challenges. Steve Leblond, the city’s chief technology officer, said the biggest risks were related to the need for more cyber awareness among employees to mitigate incidents such as phishing attacks, and the lack of automated, analytics-driven security tools.

“The biggest cybersecurity challenge is always people,” Leblond said. “It’s people either not understanding the technology or not having enough training.”

The city ultimately found a way to advance its security infrastructure at the same time it upgraded its IT infrastructure. Leblond and his team decided to modernize with Microsoft’s integrated suite of products, including Azure Government Cloud to advance their existing compute and analytics capabilities and Microsoft Office 365 to increase enterprise collaboration. The city is also beginning to use Power BI for business intelligence and data-driven decision-making, and Microsoft Endpoint Manager for mobile device management and protection. All of these solutions feature security components that are fully integrated from the start.

Leblond, who became familiar with Microsoft’s cloud solutions after attending its annual Ignite conference for developers and IT professionals over the last decade, said the integration offered by Microsoft made it the best fit for his organization.

Seeing what they had in their road map — the server infrastructure side, the client management side and then you have the office productivity side — and how all that intertwined and played together was really a main reason for going forward with a lot of this, Leblond said.

ADVANCING SECURITY WITH MICROSOFT CLOUD

Frisco has leveraged the Microsoft ecosystem to strengthen enterprise security as it continues to modernize. Before adopting Microsoft solutions, the city relied on multiple different point solutions, and its security infrastructure was much more fragmented.

“Prior solutions weren’t as connected as the Microsoft solution. We had a lot of disparate systems that didn’t talk to each other easily — if at all,” Leblond said. “It made getting insight and information across the network challenging.”

Getting the necessary solutions in place was also important for Frisco because the city was in the process of hiring a chief information security officer (CISO) and additional staff to help develop its security awareness program and work to strengthen its security posture.

With Microsoft cloud solutions, the city has been able to take advantage of multilayered security without having to make additional investments in third-party security solutions. Azure encompasses built-in security controls and services that strengthen identity and access management, data protection, network and application security. The platform-as-a-service offering features several layers of security across data, applications, virtual machines, network and perimeter, along with physical security delivered by Microsoft’s geographically dispersed data centers.

Microsoft encrypts data at rest and uses machine learning to make security recommendations and proactively alert IT teams about security vulnerabilities. Azure also integrates distributed denial-of-service (DDoS) protections to mitigate the likelihood of these attacks and strengthen perimeter security, which has become even more critical as government organizations embrace remote and hybrid work.

Through the Azure Security Center, government IT teams can access a threat intelligence dashboard to increase visibility into their Azure workloads. Azure is subject to regular third-party security audits to ensure the platform continues to have robust security controls and complies with security and privacy standards, such as SOC 2, ISO/IEC 27001 and others. The platform also manages security in line with an organization’s internal governance policies and access controls.

BUILDING A MODERN, SECURE ENTERPRISE

Frisco has taken advantage of this built-in security and adopted solutions such as Windows Defender ATP for advanced threat protection.

The city has multiple departments with different security and data protection requirements. Windows Defender ATP allows the city to access a dashboard that provides end-to-end analytics across its security operations, including intelligence regarding when a specific security event has occurred and which systems, files and applications it affected. Frisco also uses Microsoft Endpoint DLP (data loss prevention), which is integrated with Defender, to prevent and mitigate data loss on devices and other endpoints. These protections are in addition to the built-in DLP protections within Microsoft 365.

Greg Givens, Frisco’s CISO, said integrating the Microsoft ecosystem into the city’s security operations has benefited his organization tremendously.

“It gives us insight into our environment. All of the different modules talk together, so it allows us to correlate not just a single event, but also what we’re seeing across multiple platforms within that ecosystem, which is just verification for us that we need to take some action,” Givens said.

Givens added that streamlined automation and advanced remediation are some of the biggest benefits his organization has reaped from using Microsoft cloud solutions.

“I can go into all of the different portals and I have the ability to configure those as I want — whether that is to ‘alert only’ or alert and take some type of action,” he said, adding that Microsoft’s platform and services are configured to align with Frisco’s various security policies, such as disconnecting the network automatically without user intervention to review a security incident.

Going forward, the city plans to continue modernizing its IT and security infrastructure with Microsoft cloud solutions. Leblond said Microsoft has helped the city move toward a zero-trust approach, which will support its plans for anywhere-anytime connectivity for employees.

“The corporate network is no longer behind firewalls — it’s everywhere. Basically, your network is the Internet,” he said. “The technologies we’ve implemented have allowed us to give employees the efficiency and flexibility to work on any device, anytime, anywhere.”

Leblond added that modernizing with Microsoft has helped his organization develop the secure foundation it needs to be more future-ready and innovate how it delivers services.

“I remember being at some Ignite sessions and thinking, ‘That would be really great to someday be able to see that,’” Leblond said. “To go from what I saw at one of those sessions and now see it in real time in our environment, it’s actually very impressive.”