Welcome, and what a time to launch
A brief history of how we ended up here
CatchBefore was an idea long before it became a service. Our team has been helping corporate clients move to the cloud for many years. As the cloud products matured, the (optional) security features have also improved.
The age-old problems were there however. The system that you are using is only as secure as its configuration (the same problem that existed with onsite servers). Clients were removed from the restraints of having an onsite servers. No more rolling server upgrades every 4-5 years. No more outdated server software, or worrying about a hardware failure in the office. You can add 100 new accounts and not have to worry about buying a new server.
Instead of your data being accessible just in your office, it is now accessible globally. This is great when you are travelling, however it also means that anyone in the world can also try to access your data in the cloud.
365 does provide the tools to help you protect your data. But this is just part of the problem, you have to enable and use the tools correctly. You need to make sure they are applied to every account. There are still limits (quotas) in place, you still need to make sure you are not wasting licenses, or having more accounts than you require. If an account is compromised, you need a way to find out (and quickly!).
Overtime we have developed a reliable tool-kit of configuration and general health checks. We hit three problems however:
- The checks were only good up to the time we run them.
- The checks were time intensive to run.
- It can be difficult to maintain a best-practice configuration over time.
CatchBefore was created to make it possible to run regular health checks, and alert on any suspicious activity, or sub-standard configuration. This enables us to deliver levels of protection that would not be feasible with manual health checks. CatchBefore automates hours worth of checks and reviewing each day, bringing discovered issues to your attention.
Launch timing
Many years ago a number of nation/state actors tried to be reasonably discrete when attempting cyber-attacks. For a number of years western governments have been ringing alarm bells about the risk to business. The frequency of attack attempts is only increasing. Some foreign governments appear to be involved, or at least not doing anything to reign in attacks from their countries.
At the same time many organisations have moved to the cloud, and unfortunately have not taken adequate steps to prevent or detect an intrusion in their 365 tenancy.
CatchBefore is here to help organisations minimise risk, and utilise the fantastic benefits of the cloud with confidence.
Where we are heading
We initially had a short list of checks (under 10) that we wanted to have ready at launch time. Each check is designed to alert on a specific problem. For example, check and an alert if an account is missing Multi-Factor Authentication. Another example is check and alert if an overseas login is detected. We kept on finding additional important items to add to the list, and we have ended up releasing with 29 active checks!
We have plans to continue to add useful checks. Each time we see a problem, it may be the inspiration for another check.
Author, Category
