Office 365 Security
Todays blog is going to discuss the weird cousin of IT, Security.
Office 365 has opened a world of possibility for business, giving us universal accessibility, better apps, better uptime and a whole host of new apps making our digital lives easier!
Unfortunately, it also widens our attack footprint.
But all is not lost and that is not to say that Office 365 is insecure. But we do need to take a minute to understand where threats come from and what we can do to reduce our risk.
Luckily, Microsoft have taken a lot of these steps for us. For example, they have invested in the best security equipment and infrastructure available. Their Datacentres are some of the most secure in the world.
So what is left? Right now, the only way into the office 365 system is via an end user. This takes many forms but to list just a few methods being used:
- Brute force Password cracking
- Social Engineering, getting the user to fork over their username and password (normally with an email)
- Attacking the device, i.e. deploying keylogging via a virus
Currently, you are far more likely to be hacked than your offices invaded. Cybercrime makes more money (in 2019) than the drugs trade (Source: Cybersecurity Ventures)
There are any types of hacker these days, most are backed by Criminal gangs and unfortunately, some are state sponsored.
What Can we do?
So right now, if you are in 365, you probably have complex passwords, and ‘internal’ security (i.e. securing sites internally).
Office 365 gives us a few things for free, and some better things that just need an additional license.
Out of the box, optionally we get:
- Two factor authentication using the Microsoft Authenticator App
- System Auditing
- System Retention
- Tools in SharePoint to roll back an encrypted document library
In a lot of small business cases, this will be enough, but just in case, there are additional security systems we can subscribe to that give us more control and better ways to reduce our attack footprint. With an EMS or Microsoft 365 license, we can add the following, plus more:
- Advanced Information Protection (Tagging and Encryption of any kind of data)
- Conditional Access (Lock 365 down to your IP addresses or locations)
- Advanced two factor authentication including 3rd party products
- Intune Device management (Make the devices more secure)
- Azure AD Premium (with additional control on user access)
While these additional security methods do have a license cost attached, they are definitely worth it.
Have a look at the article linked below, and if you want to know more, get in touch on 01962 711000.