How to fortify your Microsoft 365 - Consequences of a Data Breach

12 Apr How to fortify your Microsoft 365 – Consequences of a Data Breach

Posted at 13:46h in Cyber Security by admin

Now that we know smaller businesses are not immune to the threats that cyber criminals pose, it is essential that you use the resources available to defend yourself to the best of your ability – especially on the usually smaller budget in comparison to larger organisations. We have also covered why effective security measures are integral in the modern world and briefly explored some of the ways that cyber criminals attack – and reap havoc – on your systems.

In the following blog we will explore what could happen if your account is breached and how to approach securing your account for now and to avoid it happening in the future.

What are the potential consequences of a security breach of your Microsoft 365 account?

Depending on the goals of the cyber criminal carrying out the attack, the potential outcome can be quite different. Some of the potential ramifications are as following:

Data theft or corruption – The file data you have contained within your OneDrive and SharePoint libraries could be corrupted, stolen, deleted or – the worst-case scenario – a combination of all three.

Masking as your business – With uncontested access to your Microsoft 365 environment comes the visibility of your contacts and correspondence history. The cybercriminal has the means to learn personal details about your business – which organisations you do business with, potentially arming them with a list of unsuspecting future victims to exploit – likely using your business as the vessel to mask themselves as to do so.

Sensitive data theft – If the data that you hold contains password credentials for third-party systems – or worse – bank or card details for your own business or of customers’ – this could be specifically targeted or stolen among your other file data.

All the above have one thing in common, the ramifications to the business reputationally, operationally, and financially could be severe – in some cases too severe to recover from.

How to secure Microsoft 365

Despite Microsoft 365 being a SaaS (Software-as-a-Service) solution, which means it has its own security and compliance features as a part of the infrastructure defences provided by Microsoft as part and parcel of the service, the front-end user aspects – within your own control and outside of Microsoft’s – must be protected, and that protection must be sourced by you.

There are two key areas to address to reduce risk of data breach and best secure Microsoft 365 for your small business:

A structured, well thought out policy for how your users’ access and use the platform.
Implementation of technical controls, well thought out policies, filters, and defences that can stand up to scrutiny.

Let’s take the first key area – the users – and see what risks they pose.

The users

Your users are the lifeblood of your organisation, they keep the cogs turning and the profits rolling in, but they also have an important role in the security of your systems, they can act both as the last line of defence for your system or the inadvertent cause of a business defining security breach. The fragility of your systems – for all the amazing things it can achieve for your business – is plain to see, it would take a simple click of the mouse on a malicious link in the wrong email for the whole thing to come crashing down.

The way users’ access and interact with Microsoft 365 pose several risks to your system, they depend upon the following:

The ability to share potentially sensitive information within email messages.

The level of system access and permissions assigned.

The complexity of their password and whether this password is unique to 365 or used as a general password across other services.

The ability to share files and documents, and to whom.

Let’s explore the security options in Microsoft 365, the risks that they tackle, and how to approach applying them to your systems.

Security options in Microsoft 365

The security features, the risks that they tackle, and how to approach applying them to your systems.

Login security

The risks:

Reduce the risk of individual user accounts being breached by cyber criminals as a result of exposed credentials on the dark web, or, because of accounts being secured with basic common password formats.

The risks, overcome:

A secure password policy is essential, a password acts as the gatekeeper to your systems, within Microsoft it is defined as default and is designed to direct the user to use as complex password as possible. A complex password is exactly that – complex – it is one that cannot be guessed easily, is made of a random mixture of letters, special characters, and numbers, and is of a certain length.

Password practice has changed over recent years, previously we were encouraged to change our passwords, often on a cycle, and in some cases to enforce passwords of even greater length and complexity each time you change.

The modern approach to password security has been rethought. This is because enforcing longer passwords and a regular renewal cycle of them forces users to use their old passwords again or make a change but use the same core lettering as the original to make it easier to remember. This is a complete waste of time; the point of the exercise is to improve security and this way of changing passwords with little changes – just to make life easier – does not achieve this.

Multi-Factor Authentication (MFA) is the better approach. Applying an additional layer of login security, known in some cases as 2-Factor Authentication (2FA) is the newer approach.

This method takes place after password step of your security. With MFA your accounts are further secured by requesting the user input a code – that changes on a cycle every couple of minutes – the code is provided to the user through a different device of the users’ choice, this method of constantly layering your security is a great way of literally adding layers to your security.

MFA, among other login security best practices, can be enforced for your tenancy through Microsoft 365 security defaults.

Microsoft 365 defaults, what are they?

To define security parameters that apply globally across all your users, you can activate security defaults that enforce several policies automatically.

Security defaults are available to all users of Microsoft 365 at no extra cost! This is providing you are an organisation that utilises at least the free tier of the Azure Active Directory service.

What do security defaults include?

Require users to perform MFA actions upon certain actions.
Require all system administrators to perform MFA.
Require all users to register for MFA.
Block legacy forms of authentication.

How to implement security defaults on Microsoft 365

Visit your Azure Portal (https://portal.azure.com)
From the main menu scroll to ‘properties’.
Click ‘Manage security defaults’.
Move the slider across by clicking ‘Yes’.

Once having implemented the new security measures it is worth noting that the next time your team log in to the system, they will be forced to activate MFA on their accounts by entering a mobile number or via another method (by selecting an authentication application to use on their device).

In the next blog in the series, we will explore other security measures you can take to ensure that your system is prepared for anything a cyber criminal can throw at it.

Cyber Security for your business with Urban

Are you concerned about your cyber security? Are you unsure what security measures to adopt? We can help! Our team of experts will work with you to learn how you do business to find security solutions that work for you. We provide a trusted, competitive, and impartial service to our wide range of customers throughout Greater London and beyond. Contact us now and see where we can help you.

Tags:

Cyber Security, Microsoft 365

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.