The 3 Most Important Things You Can Do to Prevent Office 365 Breaches | Edge Networks Cybersecurity & Managed IT Services
john
  • Mark Tishenko
  • Monday, April 22, 2019

Microsoft Office 365 is among the world’s most widely used software suites, and its popularity continues to grow. Organizations large and small can benefit from Office 365’s always-on convenience, which enables employees to be productive anywhere and everywhere, reliability, and predictable monthly cost.

But will your data, intellectual property, and other valuable information assets truly be safe in the cloud?

Here at Edge Networks, we’ve seen firsthand how devastating the effects of an Office 365 breach can be. We’re also highly familiar with the world-class enterprise grade security-hardened infrastructure that Microsoft maintains, and we understand the strength of their commitment to physical, logical, and data security.

We believe that your data can be at least as safe—if not safer—in Microsoft’s Office 365 cloud environment than it is when stored on premises. But we also know that the Microsoft Office 365 environment is highly customizable and configurable.

In the vast majority of cases, Office 365 breaches occur not because of vulnerabilities in Microsoft Office 365’s physical and network infrastructure—which is among the safest in the world—but because users or administrators have not properly configured their Office 365 tenant for security and threat management. Often, making a few small changes can go a long way when it comes to reducing the cybersecurity risks your business faces.

Here are a few quick-to-implement tips that can dramatically improve your safety and security while you continue to enjoy Office 365’s many benefits:

#1: Notify users in the subject line of emails that come from outside the company.

Email spoofing, which involves forging message header information to mislead the recipient about where it comes from, is more common than ever before. According to Verizon, email fraud accounts for more than 90% of cyberattacks targeting enterprises, and the FBI reports a 136% increase in business losses due to email fraud between 2016 and mid-2018.

Anything you do to make it easier for users to spot a forged or fraudulent message will make your organization safer. In Microsoft Exchange Online or Office 365, you can add a prepend like [EXT] or [EXTERNAL] to the subject of all incoming messages that originate outside your organization. This makes it easy for team members to identify those that don’t come from the person who is said to have sent them—so that attempts at email spoofing will be glaringly obvious to their intended targets.

Adding a prepend to incoming messages from senders outside the company is easy to implement. It’s a low-cost, low-effort way to boost security, and thus it’s a very good idea.

#2: Enable multi-factor authentication (MFA) for your organization’s Office 365 users.

This is probably the most important step you can take to protect all the accounts throughout your business from the consequences of password loss or theft. It adds a second layer of security to all user sign-ins and other system interactions. Microsoft makes it simple to set up MFA centrally for all users, though it can also be done individually.

Most people are familiar with multi-factor authentication because it’s widely used for consumer applications like online banking. They understand that they’ll need to check a secondary device, like their phone, for a code that enables them to access their sensitive personal or financial information. Office 365 supports authentication via mobile app, phone call, or SMS messaging.

Global surveys indicate that only about 20% of enterprise Office 365 users have set up MFA, despite the fact that password-based attacks are the most common reason for Office 365 account compromise. But the prevalence of these types of attacks means that enabling MFA is very much worthwhile. It’s a powerful means of protecting your account, your data, and the security of your entire organization.

#3: Enable mailbox audit logging within your tenant.

Business email compromise is a serious and ongoing threat. Even the best-informed and most careful employees can fall victim to spear-phishing or other social engineering tactics. Cybercriminals have used everything from fake invoices to keylogging software that steals users’ credentials to trick their targets into transferring funds to their bank accounts.

By enabling mailbox audit logging, you’re essentially transforming your Office 365 tenant into recording device that will track hackers’ every attempt at tricking, misleading, or deceiving your users via email. It’s a critically important forensic tool that will allow investigators to look back at all the login events and suspicious activities that occurred within mailboxes in your tenant.

The capacity to maintain these logs is built into Office 365, but audit logging has not always been enabled by default. Turning it on is a simple process, but it must be done ahead of time—you can’t search data from before the time you enabled audit logging capabilities. This is another area where thinking proactively about Office 365 configuration settings can make your business far more secure.

At Edge Networks, we’ve made many of our clients’ transition to the cloud easier and more secure. We have the know-how to help you prevent an Office 365 breach from devastating your business. To learn more how to configure your Office 365 tenant to maximize productivity and security, contact us to schedule a free assessment. Or check out our video to hear advice from our CIO, Josh McKinney, on staying safe in Office 365.

About the author