Security, without the burden

Multi-Factor Authentication

15 Apr Security, without the burden

Posted at 16:03h in News by

Theft is on the rise!

Thieves are stealing from you… but, no longer are they climbing out of the bedroom window with your television. Today’s cyber criminals want to get access to your valuable & sensitive data, and with some slightly more sophisticated tools at their disposal, they are rather easily stealing your login credentials to get access to such private files & documents.

With businesses continually adopting cloud computing, it is only natural that cyber attackers are following this trend by shifting their focus towards these evolving cloud environments. They’re using their tried and tested methods, such as password guessing and phishing campaigns, to drive these attacks.

As one of the largest cloud communication & collaboration tools today, Microsoft’s Office 365 platform has become a particularly juicy target.

So, there’s most definitely a credible threat, completely regardless of your business size, type or location. But, what can you do about it?

 

Better secure your cloud services in a straight-forward way

Cyber Security tools & practices need not be ludicrously complex or expensive. There are many best practice methods that could be deployed within your business to mitigate the risk of attack & heavily reduce your vulnerability.

Multi-factor authentication (MFA), or often referred to as 2-factor authentication (2FA), is a straight-forward process of adding another user verification step, beyond just a password, to the login process for a system or cloud-based service.

As a simpler end-user friendly security provision, MFA typically triggers a single-use code to the user that must be input into the website/system before the login can complete. The code can be delivered to the user by text message, phone call or via an in-app notification – at the user’s choice.

Should a user receive such a notification without having requested it first, their account is likely vulnerable, and it would be advised to reset their password. Importantly, however, their account remains secure, as without the single-use code the account may not be accessed.

 

But this might be difficult for our users to adopt

The single-use codes may be difficult to rollout to your team without resistance. But there other means you can deploy to achieve the same goal – such as restricting the IP addresses from which user’s may login from, or control which devices may login through a pre-authorised list controlled by Azure Active Directory, are just two examples.

Businesses with the appropriate tier of licensing may be able to use conditional access to enforce the use of MFA within their organisation – giving users no choice but to comply with the more secure process.

 

New Office 365 guidance from Microsoft

Microsoft have recently released new security guidance, (albeit aimed at the public sector – is relevant to all industries), which provides up to date advice on how best to implement Office 365 installations, so that they meet the National Cyber Security Centre’s (NCSC) cloud security principles. We recommend this advice to organisations of all sizes & types.

The guidance covers the use of all Office 365 services. So, the measures suggested will provide you with the confidence that you are safely using newer cloud-only features that cover all of your familiar applications & services.

 

How can I implement this within my business?

Depending on your current licenses and tools you have access to, there may be different options available to you.

At Urban Network, we’re best placed to review, consult with you and configure cyber security best practice.

If you are an existing client of Urban Network, then we will be actively reviewing your cyber protection and providing direct advice to you to keep ahead of this ever-growing threat. If you have any questions, concerns or simply wish to discuss your cyber security options further, please consult your Account Manager.

If you are new to Urban Network, we’d love to help. We take a proactive stance on the review of technology within our client’s businesses – it’s our mission to help you and your business get the best value from technology to drive an efficient & profitable operation.

With such a heavy-reliance on our tech systems these days, protecting the data held within them is important, now more than ever. To receive some guidance & peace of mind, please contact us to schedule a free, no obligation review session to discover your current position & the options open to you.

 

Can I stay ahead?

The cloud tools we use are constantly changing & so are the risks to our data security. It is therefore worth planning to periodically review the configuration of your services and check to see if your vendor or support partner have updated their recommendations.

 

Who are Urban Network?

We specialise in managed IT & technology services to help businesses across London & the wider-South East, from our base in Wapping, East London.

Urban Network has a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

Among our range of skills, we have a specialism in cyber security. Ensuring we aid our clients with employing the best & most appropriate security practices, procedures and tools to protect their sensitive data.

If you have any concerns or challenges with your cyber security, or with your technology generally, we would like to hear from you. Please contact the team today.

 

References –

Office 365 security guidance from the National Cyber Security Centre.

Microsoft public sector cloud security guidance.

National Cyber Security Centre cloud security principles.

 

Tags: