In honour of Cyber Security Awareness month, CyberUnlocked will be exploring a range of associated topics for today’s business owners. In this blog, we’ll discuss the importance of Microsoft 365 security.
Should You Be Worried About Microsoft 365 Security Capabilities?
As a rule, you should always be concerned about security. Put simply, it’s a never-ending battle, and as such, it should always be considered when it comes to the technology you use at your business.
But what about Microsoft 365?
Designed according to the Microsoft Security Development Lifecycle, Microsoft 365 is a Software-as-a-Service solution that uses a defense-in-depth approach to provide physical, logical, and data layers of security features and operational best practices. Plus, it offers enterprise-grade user and admin controls to further secure your environment.
However, that doesn’t mean it’s entirely secure against today’s cybercrime threats. A recent report by Vectra exposed how cybercriminals are circumventing Microsoft 365’s security capabilities.
4 Cybercrime Methods That Will Breach Your Microsoft 365 Data (And How To Defend Against Them)
- Stolen Administrator Rights: By design, global administrator accounts have the most privileges in a Microsoft 365 ecosystem. They can configure settings, grant access to other users, and more. That’s why cybercriminals will go to great lengths to access these accounts. By tricking their way in through a phishing scam or brute-forcing the login, they gain unfettered access to your data. Make sure to enable a multi-factor authentication (MFA) solution for all accounts (global admins and otherwise). At a recent RSA security conference, Microsoft engineers told attendees that 99.9% of the accounts that are compromised each month don’t have an MFA solution enabled. MFA is a great way to add an extra layer of protection to existing system and account logins. By requiring a second piece of information, like a randomly generated numerical code sent by text message, you're able to make sure that the person using the login credentials is actually who they say they are. Biometrics like fingerprints, voice or even iris scans are also options, as are physical objects like keycards.
- Privilege Abuse: The more capabilities you give your users, the greater the risk those accounts pose to your security. Cybercriminals just need to breach one over-privileged account to wreak havoc in your systems. Make sure to follow the rule of “least privilege”. It’s an important part of zero trust security. It ensures that every user is only given precisely the level of access they need to do their job. It’s like a cyber security equivalent of the intelligence concept, “need to know basis”.
- Microsoft Outlook Disabled Auditing: Older Microsoft 365 accounts may not have mailbox auditing turned on by default. This puts them at risk of being monitored by cybercriminals hiding in the system. Any and all messages and data are automatically compromised when an external party is lurking in your network. Protect against this threat by having your administrator enable mailbox auditing on all accounts. This will track and identify suspicious behaviour.
- Business Email Compromise: Business Email Compromise is a social engineering technique used by cybercriminals in which they pose as a business or member of a business in order to execute fraudulent payments. Just last month, cybercriminals stole $15 million by impersonating executives at over 150 businesses. Business Email Compromise can be carried out in a number of ways:
  - Phishing: Phishing emails are sent to large numbers of users simultaneously in an attempt to "fish" sensitive information by posing as reputable sources, often with legitimate-looking logos attached.
  - Spear Phishing: This is a much more focused form of phishing. The cybercriminal has either studied up on the group or has gleaned data from social media sites to con users.
  - Online Research: LinkedIn, Facebook and other venues provide a wealth of information about organisational personnel, as do their company websites. This can include their contact information, connections, friends, ongoing business deals and more.
In addition to ensuring your executives understand how to identify a BEC attack, make sure to enable mail flow rules. This will allow your administrator to track suspicious messages and intercept them while in transit.
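For administrators, here is how the mailbox auditing and mail flow rule steps above can look in Exchange Online PowerShell. This is an added example, not CyberUnlocked's or Microsoft's own script; it assumes the ExchangeOnlineManagement module and an Exchange admin sign-in, and the rule name, subject tag and executive names are made up for illustration.

```powershell
# Added example: run as an Exchange administrator.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline   # interactive sign-in, works with MFA-protected admin accounts

# 1. Organisation-wide switch: AuditDisabled should be False.
if ((Get-OrganizationConfig).AuditDisabled) {
    Write-Warning 'Mailbox auditing is disabled organisation-wide; turning it on.'
    Set-OrganizationConfig -AuditDisabled $false
}

# 2. Mailboxes whose own AuditEnabled flag is still off (typical of older accounts).
$unaudited = @(Get-Mailbox -ResultSize Unlimited |
    Where-Object { -not $_.AuditEnabled })
Write-Host "Mailboxes with AuditEnabled = False: $($unaudited.Count)"
$unaudited | Select-Object DisplayName, PrimarySmtpAddress, WhenCreated
$unaudited | Set-Mailbox -AuditEnabled $true

# 3. Accounts exempted from mailbox audit logging. Their actions in other
#    users' mailboxes are not recorded, so each entry needs a documented reason.
Get-MailboxAuditBypassAssociation -ResultSize Unlimited |
    Where-Object { $_.AuditBypassEnabled } |
    Select-Object Name, AuditBypassEnabled

# 4. Mail flow rule for Business Email Compromise: mail from OUTSIDE the
#    organisation whose From header carries an executive's name.
#    Names below are constructed; replace them with your own executives.
$executives = 'Jane Example', 'John Example'
$rule = @{
    Name                       = 'BEC - external sender with executive name'  # hypothetical
    FromScope                  = 'NotInOrganization'
    SentToScope                = 'InOrganization'
    HeaderMatchesMessageHeader = 'From'
    HeaderMatchesPatterns      = $executives
    PrependSubject             = '[EXTERNAL - VERIFY SENDER] '
    SetAuditSeverity           = 'High'
    Mode                       = 'Audit'   # log matches only, mail is not altered
}
New-TransportRule @rule

Disconnect-ExchangeOnline -Confirm:$false
```

Review the rule's matches in message trace before switching it with `Set-TransportRule -Mode Enforce`, so that legitimate external mail from executives' personal addresses is accounted for first.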
Enlist An Expert Team To Manage Your Microsoft 365 Security
Think you can handle your Microsoft 365 security on your own?
Maybe you can — in theory, it's entirely possible that, if you've invested in the right technologies, and have the right skill set, you could handle Microsoft 365 cyber security for your business all on your own.
But, if we’re being honest, that’s a big if. The proven approach would be to have the CyberUnlocked team manage it for you. Our cyber security support will handle the following:
- Management of security patches and updates
- Implementation of best practices for user privileges and access management
- Ongoing management of data backup
Don’t put your primary cloud platform at risk — get in touch with the CyberUnlocked team for expert assistance. We will employ a range of proven processes that will monitor and maintain your Microsoft 365 cyber security.