Microsoft Office 365 is one of the most used software packages in the world, with 27 million active consumer users and over 100 million active enterprise users. With the latest version released in 2016, Office 365 has taken and integrated the latest cloud technology to their famous word processing and business apps. These new features include online cloud storage which includes automatic online backups, easy sharing of projects between staff (without a server) and added security.
However, like all new technologies, it is not without its new vulnerabilities. Cloud-based technologies have unique security concerns that need to be understood and taken into account by managers, such as the data being accessible from anywhere and, thanks to the cloud’s remote nature, susceptible to unauthorized access.
A recent study* has shown that 71.4% of enterprise Office 365 accounts have, at least, one compromised user each month. This includes accounts with unrevoked privileges (49.5%), ex-employees still having unauthorized access as well as malicious threats from outside the system.
Download Our Free PowerPoint Deck!
7 Free Things You Can Do to Improve Your Office 365 Security Posture
Find out what you can be doing to better protect your Office 365 environment, why you should be taking these precautions and a step by step guide of how to implement these procedures.
How secure is Microsoft Office 365?
Very secure. Microsoft has spent nearly a billion dollars on securing their flagship product in the last year**. Additionally, now with integrated cloud technologies, they are also providing a fleet of new security solutions, such as email encryption and threat protection. Plus, the physical data centers which store the raw data are highly secure, with biometric scanners for entry, unknown locations (But still located in the client’s region) and the workers themselves unable to access the data (Known as ‘Role Separation’).
As more companies take full advantage of Office 365’s powerful offerings and are moving their data to the cloud, the role of an MSP (Managed Service Provider, or IT Manager) is to stay constantly informed on the key best practices to manage the security of their 365 networks and ensure that client data remains secure.
Remove redundant account privileges
As mentioned previously, 49.5% of all unauthorized access is caused by a user having account privileges that are significantly higher than what is necessary. This might be an intern having admin access to delete folders, to a graphic designer being able to access financial data on the cloud. A full audit of the Office 365 user base should be necessary every six months, with the highest privilege only available to the MSP.
Revoke Ex-employee Access
When an employee has their contract suddenly terminated, there is the possibility that they might (either consciously or unconsciously) sabotage files. An ex-employee might not be malicious at all, but in cleaning up their space accidentally decide to delete critical files that are shared through the cloud. They might also remove client emails, documents, calendars and more, which thanks to Office 365, is synced throughout the network, to the cloud and might be critical for other departments. MSP’s and IT managers are advised to manage access for these scenarios and ensure any ‘no longer active’ accounts are archived when an employee leaves. A common mistake is that many firms may keep an old profile active ‘just in case’ they need to access the data when they should have proper processes to archive and restrict said data.
Additionally, this principle would also include having a unique login for each employee. Even large firms have been guilty of having one default password for their entire network, which an employee can easily remember before and after they leave the firm. This leads nicely to the next point about passwords…
Avoid Having a Password File
All the encryption in the world will not matter if a user has access to a password. There has been a recent increase in the number of people having all of their passwords, including their Office 365 cloud passwords, in an unprotected text file on their server and computer. In some situations, the file is even called ‘passwords’. This is the first place that a hacker will look when gaining access to your system. The easy solution is to simply not have an unencrypted password file or any file at all.
Enable multi-factor authentication
A quick way to ensure better security is to enable the included multi-factor authentication that is provided by Office 365. This service asks a user not just for a password, but to enter a special code that is sent to a mobile device (or another method nominated by the MSP). This is very popular for financial firms or when connecting to a sensitive system.
Backup sensitive data offline
To prevent data from being deleted accidentally or tampered with maliciously (Such as with a Ransomware virus, a virus that encrypts your data and only gives you a key if you pay the hackers), it is worthwhile to have an offline backup of your sensitive data. This is a failsafe measure just in case the cloud is compromised, or a user accidentally deletes a critical project and should be a cornerstone of a data recovery plan.
Use OneDrive for Business’s per-file encryption
Office 365’s OneDrive for Business offers per-file encryption, not just encrypting all of the files on the server with one key. This means that all data can be separately encrypted and that if a malicious actor got hold of one of the system passwords, they would not be able to access all the files (apart from one).
How Office Protect Can Help
One of the best ways to protect your files, system, and access to Office 365 is the use of a security platform, such as SherWeb Office Protect. SherWeb Office Protect is a proactive Office 365 solution that integrates into your Office 365 network to prevent all the above threats and ensure simple security management for MSPs and IT managers.
The comprehensive security suite Office Protect provides useful features to MSP’s such as:
- Alerts when a foreign or unknown IP access the Office 365 network, so you are instantly alerted when someone unauthorized accesses the network. If the IP address is set to the office that the users work from, then any external access will be instantly noted, despite the fact that Office 365 is operating from a cloud.
- Admin abuse detection. This is great for finding users with unnecessary admin privileges or when a user accidentally starts deleting files.
- Alerts for suspicious mailbox activities (Such as spam virus emailing the entire database).
- Proficient data logging on all accounts to monitor activity (But without compromising privacy).
- Tools to make it easy to set sweeping changes to user rights and access permissions throughout an MSPs whole Office 365 network.
- A single pane dashboard to break down complex user data into simple security information, to inform and educate quickly.
- User access data can be exported easily to PDF or CSV for data analytics.
- Reports that can be automated into a daily or weekly format, especially useful for reporting to clients or senior management teams.
Thanks to Microsoft’s continued investment into data security and to solutions like Office Protect, Office 365 continues to be a preferred and secure service to use across all industries.