As we have settled into remote working, we feel a moment of relaxation that we have adjusted to a new ‘norm’ that seems to be settling in. Don’t get too comfortable though; there are plenty more endpoints to consider when it comes to keeping your company data, information and infrastructure secure.
Top 5 CyberSecurity Questions in Office 365
A remote workforce means there are many more endpoints to consider when it comes to keeping your company data, information, and infrastructure secure.
Although Office 365 allows many of us to work remotely, we’d be remiss if we didn’t address some of the top Microsoft 365 cybersecurity questions we’ve been getting recently. These answers will help keep your data safe and your workforce productive!
1. How can I protect against phishing, spoofing, and other email-based cyber security threats in Office 365?
Phishing, spoofing, and other email-based cybersecurity threats are the main Office 365 vulnerabilities you need to be on the lookout for when your organization leverages third-party email services. Luckily, there are a few ways you can help protect yourself:
Sender Policy Framework (SPF) is an email authentication technique that prevents spammers from sending messages on behalf of your domain. It allows the receiving email server to check that an email claiming to come from a specific domain is in fact submitted by an IP address authorized by that domain’s administrators, as published in the DNS records for that domain.
DomainKeys Identified Mail (DKIM) allows senders to associate a domain name with an email message to verify its authenticity. A sender creates the DKIM by “signing” the email with a digital signature. This “signature” is located in the header of the message. A valid signature guarantees that parts of the email have not been modified since the signature was affixed.
Domain-based Message Authentication, Reporting & Conformance (DMARC), builds on SPF and DKIM protocols. It adds a link to the “From:” domain name and publishes policies for recipient handling of authentication failures to monitor and improve the protection of the domain from fraudulent email.
SPF, DKIM, and DMARC protocols can help keep you safe, but it’s important to note that even the best security measures may not be enough when the ESP does not match with your specific data storage platform. Using Microsoft Exchange as your ESP, you can safeguard against the majority of email-based threats.
2. What’s the best way to prevent data loss in Office 365?
Every organization has sensitive and confidential data they need to keep secure from release, whether that release is the result of employee negligence or malicious attack. Therefore, preventing data loss should be a major concern for any organization.
Luckily, Data Loss Prevention (DLP) policies in Office 365 help to ensure that documents containing important data are monitored and that end users are not able to share this data. Office 365 DLP allows you to set rules and policies to define all the files and data that should be treated as confidential, critical, or sensitive. These rules and policies then protect those files from being shared or transmitted, preventing data loss from your Office 365 environment.
3. What can I do about whaling, phishing, and malicious links in Office 365?
While Microsoft works hard to stay ahead of security threats and prevent common types of malware and cyber-attacks the majority of the time, Office 365 is simply too big to be agile with all its security updates. This means you may be exposed to the risk of targeted cyber attacks. If you are not adequately protected against these risks, your organization could be subject to phishing, whaling, and the use of malicious links.
Phishing is a type of fraud used by criminals who try to deceive victims by impersonating well-known and trusted organizations or people – this is also known as “whaling” when the target is a high-level or senior executive and the direct goal is gaining access to their credentials and/or bank information. In both cases, these communications usually contain malicious links – URLs claiming to be one thing, but these are actually designed to steal your information.
Microsoft does offer some very useful tools to help prevent any attempted attacks from even reaching you to begin with. In particular, Office 365 Advanced Threat Protection (ATP) can help protect you against phishing attacks by providing protection across all your Microsoft programs. It keeps you safe by:
Scanning email attachments for malware with ATP Safe Attachments
Scanning web addresses (URLs) in email messages and Office documents with ATP Safe Links
Identifying and blocking malicious files in libraries of SharePoint, OneDrive and Microsoft Teams
Checking email messages for unauthorized spoofing with spoof intelligence
Detecting impersonation of users and domains with ATP anti-phishing capabilities
4. How do you prevent unauthorized administrator access in Office 365?
Unauthorized administrator access in Office 365 is a serious security threat because it gives access to the most sensitive and critical data. Administrators have access to all user content and they have the ability to decide who has access and how far that access extends. To address these concerns, your organization should implement a comprehensive strategy to mitigate as much vulnerability as possible. It is crucial to ensure data security with more protection layers and fortified information security protocols.
Office 365 also includes reports that allow you to track administrator activities. By using Exchange Admin Activity Report, Litigation Hold Activity Report, Mailbox Permission Changes Report, Azure Admin Activity report (among others), you can keep tabs on admin activities and look out for any red flags that someone has gained unauthorized administrator access.
5. How can you empower remote workers in Office 365 without risking identity theft?
With your team working remotely and relying on the cloud, the risk of identity theft is greater for sure. But since remote work is becoming the new norm for many organizations, it’s important to do what you can to mitigate the risk, while allowing your team the freedom to work wherever they want. Here are some of the steps you can take to help protect your remote workers from identity theft:
Restrict Access. Restricting access may seem counterproductive to empowerment, but this is all about the balancing act. Give users the least-privileged accounts possible that allow them to get their jobs done, without compromising security.
Use Conditional Access. Conditional access policies are essentially “if-then” statements. For example, if a user wants to log into their account, they must complete an additional verification beyond their username and password to sign in to their accounts (multi-factor verification). That way, even if a malicious user gets a user account password, they also must be able to respond to an additional verification, such as a text message sent to a smartphone, to log into the account.
Enable Microsoft Defender Advanced Threat Protection (ATP). Microsoft Defender ATP is a platform designed to help prevent, detect, investigate and respond to advanced threats.
Strong Office 365 Security Sets You Up For Success
Keeping data safe online has never been more important to the day-to-day functioning of any business, and we don’t see that changing any time soon. Being aware of the Microsoft 365 cybersecurity threats out there and the best ways to protect against them, you’re well on your way to keeping your organization ahead of the game.
Don’t have the bandwidth to devote to Office 365 cybersecurity? We’re happy to help.
Orchestry makes work simple in Office 365, Microsoft Teams and SharePoint Online by empowering your IT Administrators and employees to define a winning Microsoft 365 adoption and change management strategy, with a roadmap of what to use when, for what purpose.
Orchestry empowers organizations to define a winning Microsoft 365 adoption and change management strategy. Built by SharePoint MVPs and Microsoft 365 experts, Orchestry helps organizations formulate the roadmap of ‘what to use when’, increasing technology adoption, empowering through governance, and simplifying through intelligent provisioning organization-wide.