(June 15, 2021) With the shift to work-from-home models, many organizations accelerated their plans to adopt Microsoft 365. The cloud-based platform makes it easier for remote users to access email, collaborate, and share information and allows organizations to take advantage of Microsoft’s robust security controls. However, Microsoft 365 still requires a comprehensive security strategy.
A new study conducted by Arlington Research finds that email data breaches pose a significant risk for organizations using Microsoft 365. In the past 12 months, 85 percent of organizations have experienced an email data breach, with 67 percent reporting an increase in incidents due to remote work.
More than three-quarters of IT leaders surveyed said that continued remote and hybrid work policies will make it more difficult to prevent an email data breach. By following cybersecurity best practices, organizations can leverage the benefits of Microsoft 365 without putting sensitive data at risk.
Cloud service providers such as Microsoft are responsible for protecting their infrastructure from cyber threats. In many cases, cloud-based applications are more secure than on-premises infrastructure.
That fact was driven home by recent vulnerabilities in on-premises Microsoft Exchange Server, which we discussed in a recent post. Microsoft issued emergency security updates in response to zero-day attacks that affected tens of thousands of Exchange Server systems worldwide. Microsoft 365 was not affected by the threat, prompting even more organizations to consider moving to cloud-based email.
That doesn’t mean customers can neglect cybersecurity. The shared responsibility structure of the cloud requires customers to control access to their accounts and protect sensitive data from loss or exposure. However, the rapid transition to the cloud since the COVID-19 pandemic has increased the potential for oversights in security configurations.
Security Best Practices
The Computer Infrastructure Security Agency (CISA) issued an alert last year urging organizations to follow cloud security best practices, particularly when implementing Microsoft 365. Some of the agency’s recommendations include:
Use multifactor authentication (MFA). MFA requires users to enter two or more authentication factors, such as a password and PIN or biometric. Because attackers often use stolen passwords to send phishing emails and gain access to services, MFA has become an essential component of effective cybersecurity. It is especially important for securing administrator accounts with elevated levels of access.
Implement least privilege access policies. The principle of least privilege access ensures that users have the minimum level of permissions they need to do their jobs. It can greatly reduce the impact of an attack if a user’s account is compromised.
Disable legacy protocols. Legacy email protocols such as POP3, IMAP, and SMTP are used with older email clients that don’t support MFA. They should be disabled or their use strictly limited.
Enable logging and alerting. Microsoft has logging features that can help security teams quickly identify the source of a cyberattack and the scope of the incident. This enables faster containment and mitigation. Alerting features can notify administrators of abnormal events that should be investigated.
Integrate Microsoft 365 with other security tools. Many cyber attacks exploit multiple vulnerabilities. Organizations should integrate Microsoft 365 with other monitoring and logging tools in their environment to better detect and correlate suspicious activity.
In our next post, we’ll take a deeper dive into some of the specific security tools available in Microsoft 365.
ABOUT MAINSTREAM TECHNOLOGIES
Mainstream Technologies delivers a full range of technology services in Arkansas and the surrounding region including managed technology services and consulting custom software development and cybersecurity services. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile