As part of the United States Bipartisan Infrastructure Law, also known as the Infrastructure Investment and Jobs Act of 2021, the Government allocated $1 billion over 4 years to fund cybersecurity programs for state governments. The Department of Homeland Security will implement the grant program while CISA is our subject matter experts and FEMA administers the funds.
The following elements are required for a cybersecurity plan to qualify for funding based on National Institute of Standards and Technologies (NIST) Cybersecurity Framework (CSF):
Implementing multifactor authentication (MFA) can prevent unwanted access to your company’s accounts.
Embrace enhanced logging.
Your sensitive data is encrypted when it’s at rest and moving over the wire.
It’s important to keep your business as secure as possible, and one way you can do that is by replacing unsupported or end-of-life software that is accessible from the internet.
Your passwords should not be default or fixed. It’s important that you make sure you’re using different and unique passwords.
SLTT governments have many options for the products, solutions and plan needed to successfully apply for federal funding. We want to call attention to the following offerings from Microsoft that can help SLTT governments in their application:
-Access to Office 365
-Custom solutions for K–12 education
-Powershell for Windows 10 Enterprise
-PowerApps for iOS and Android mobile devices
To prevent unauthorized access to your account, it’s important to have multifactor authentication enabled.
Microsoft Azure Active Directory (Azure AD) offers an array of multifactor authentication methods, including two single-factor authenticators. For governmental agencies, Azure AD certificate-based authentication is an ideal method for strengthening MFA. A number of Microsoft products, like Intune, can help businesses implement Windows Hello for Business to advance their MFA strategy, as well. With cross-tenant access settings in Azure AD, businesses have complete control over collaboration with external users from other Azure AD organizations and Microsoft Azure clouds, which allows you to adopt multifactor authentication methods within your organization.
To enhance our logging, we can:
