How can you ensure only the right cloud users have access to data without affecting productivity? How do you protect your cloud data from accidental data leaks? With phishing attempts and ransomware infections on the rise, what preventative measures should you take to help proactively block threats? How can you keep up with the increased sophistication of cyber attacks?
The surge of cyber attacks continues especially with more remote workers than ever before. Consider the average remote worker’s home network configuration. There are IoT devices such as appliances, televisions, and home security systems, plus personal computers with expired anti-virus trials and mobile devices sharing the same wireless network and Internet connection as the remote work laptop. Bad actors continue to innovate and come up with more creative ways to breach networks or tricking users into click on their links and/or malicious code. Unfortunately, the term “bad actor” has become a job title and a profession in today’s cloud world.
Seamless and secure access for users
Microsoft 365 is a Software-as-a-Service (SaaS) cloud solution which includes its own Identity-as-a-Service (IDaaS) cloud solution, namely Azure Active Directory (AD). Azure AD provides seamless and secure access to Microsoft 365 applications and services. Do you remember the days of authentication pop-ups in Outlook or other applications asking for credentials multiple times per day? These applications were more than likely using legacy authentication. This is a bad actor’s dream as 99% of password spray and credential stuffing attacks use legacy authentication. Password spray attack is a method used by bad actors to guess users’ credentials by attempting to authenticate with commonly used passwords over time. How long do you think it would take someone to guess a password of “spring2022”? You would be surprised at how many users have very weak and guessable passwords which are compromised every day. Using modern authentication for additional factor(s) of authentication is highly recommended. Multi-factor authentication (MFA) is a component of modern authentication and is built-in to Azure AD; thus, MFA can be used with Microsoft 365. The combination of credentials and MFA is “something you know”, such as a password and “something you have”, such as an authentication app on a mobile phone or a hardware token on your key chain. There are also password-less solutions which are becoming popular, however there are extra costs associated with this type of solution.
Azure AD Single Sign-On (SSO) allows you to manage authentication across cloud apps and devices and increase productivity by reducing password to one set of credentials per user. As part of the Get Cloud Savvy Microsoft 365 offering, all users get access to an eLearning portal for on-demand training. Users who are already authenticated in Microsoft 365 can access the eLearning portal URL without having to provide another set of credentials. You are logged in automatically and save time with Azure AD SSO.
Protect your data from accidental data leaks
Microsoft 365 Business Standard and Premium subscriptions provide subscription-based versions of Microsoft 365 Apps (Outlook, Word, Excel, PowerPoint, Publisher, Microsoft Teams). Microsoft 365 Apps are always-up-to-date with the latest security updates and enhancements including the newest features. You don’t have to wait 2-3 years for the next version of Office to be released to get the newest features anymore. Microsoft 365 client apps and backend workloads have integrated data loss prevention (DLP) capabilities to identify, monitor and automatically protect sensitive data. For example, if someone in your organization accidentally or maliciously attempts to send an email with a spreadsheet containing sensitive customer data to an external recipient, you can enforce a DLP policy to automatically encrypt or block delivery of the email. DLP policies can also protect sensitive data at rest in Microsoft 365. If someone in your organization attempts to share a Word or Excel document containing sensitive employee data with an external user, you can enforce a DLP policy to automatically block the sharing attempt with a customized message to raise employee awareness of your company’s document sharing policies.
Proactive cyber security approach
Microsoft has invested heavily in their cloud security solutions to help you gain insights into threats so you can take the recommended actions before they become issues for your organization. We take cyber security very seriously at Get Cloud Savvy. You’ll notice most of our blog articles and social media posts are related to trending cyber security threats. Microsoft 365 is one of the most targeted cloud platforms on the market today so it’s imperative you have a proactive cyber security approach. At a minimum, this should include 24x7 monitoring, alerting and reporting to provide better insights into risks and user behavior allowing you to detect and respond to potential issues as quickly as possible. Automated and proactive threat protection as well as industry best practice security configuration are a must in today’s cloud world and included with all Get Cloud Savvy Microsoft 365 offerings.
Please feel free to contact us at Get Cloud Savvy for a free consultation!
This is the part 3 of a multi-part series on transitioning to the Microsoft cloud. In the next blog of this series, we’ll discuss the cost savings and business value of Microsoft 365.
Click on the appropriate link below to review the previous blogs in the series:
Part 1 - Transitioning to the Microsoft Cloud
Part 2 - Transitioning to the Microsoft Cloud - Be More Productive
Don’t forget to like and share on your favorite social media platform! Cheers!
