Strengthening the security of your Microsoft 365 - Consequences of a Cyber Attack

Chris Lunn • April 12, 2021

Small businesses are not immune to cyber threats and, because they often lack the budgets of bigger organisations, it is essential that every available resource is used to its full potential. We have explored why your Microsoft 365 should be secure and just some of the many ways that cyber criminals can target and attack your system.


Throughout the blog we will explore what would happen if your accounts were breached, and some of the ways you can ensure security to avoid it happening.


What are the potential consequences of a cyber breach?

Depending on the goals of the cyber criminal the outcomes of a breach may vary. At the most severe, these could include the following:


  • Sensitive data theft – If the data that you hold contains password credentials for third-party systems or, worse, bank or card details for your own business or your customers, this could be specifically targeted or stolen along with your other file data.


  • Data theft or corruption – The file data you have contained within your OneDrive and SharePoint libraries could be corrupted, stolen, deleted or – the worst-case scenario – a combination of all three.


  • Masking as your business – With uncontested access to your Microsoft 365 environment comes the visibility of your contacts and correspondence history. The cyber criminal has the means to learn personal details about your business – they could discover which organisations you do business with, potentially arming them with a list of unsuspecting future victims to exploit – and very possibly enable them to use your business as the vessel to mask themselves to do so.


Microsoft 365 is at the heart of your business – but it isn’t fool-proof

Microsoft 365 is a SaaS (Software-as-a-Service) solution, which means it has its own security and compliance features as part of the infrastructure defences Microsoft provides within the service you are paying for. Despite this, the front-end user aspects, which are within your own control and outside of Microsoft’s, must be protected.


How to secure Microsoft 365

There are many ways to secure 365, but there are two main areas that must be addressed in order to reduce your risk of becoming a victim of a cyber attack:

  • Implementation of technical controls, policies, filters, and defences.

  • Policy changes for how your users access and use 365.

Technical defences

Technical defences exist within Microsoft 365 to overcome a variety of different security threats, including:

  • Your domain becoming a victim of a ‘spoofing’ attack with cyber criminals purporting to be your business.

  • Email content or attachments being intercepted or viewed by unauthorised parties.

  • Phishing attacks being received or having their links clicked upon within email.

  • Malware, Ransomware, and other malicious file attachments being received or downloaded from malicious emails.


The Users

The users are the most important consideration when it comes to security, as the users of a system have the power to be either the cause of a breach or the most effective and last line of defence. Your system is fragile: it takes only a user clicking a link in the wrong email for the entire system to be jeopardised.


There are a number of risks posed by the way users access and interact with Microsoft 365 that depend upon:

  • The ability to share files and documents, and with whom.


  • The ability to share potentially sensitive information within email messages.


  • The complexity of their password and whether this password is unique to 365 or used as a general password across other services.


  • The level of system access and permissions assigned.


Security features, the risks they tackle, and how to apply them.

Login security


The risks

Users often have accounts that are being secured with very basic common password formats. You must reduce the risk of individual user accounts being breached as a result of exposed credentials on the dark web.


Overcome the risks –

The defaults within Microsoft 365 are designed to direct you, the user, to employ a complex password. As it sounds, a complex password is one that cannot be easily guessed, is long, and is a random mixture of letters, numbers, and special characters.


The traditional approach to password practice has changed. The old practice was to force users to change passwords on a cycle of so many days or weeks, in some cases demanding passwords of ever greater length and complexity at each change. That approach has recently been rethought: enforcing longer passwords alongside a regular password renewal cycle pushes users to reuse old passwords with minute changes simply to be sure they remember them. This makes the whole process redundant, as the account is no more secure than when they started the process.


The new approach, Multi-Factor Authentication (MFA)

MFA is the better approach. MFA is a second authentication step that takes place after a user has entered their password. Accounts are further secured by asking the user to input a code, which changes on a cycle – usually every few seconds or a couple of minutes – with the code being provided to the user via their mobile device, either by text message or through an authentication app. This method layers the security by requiring multiple devices to gain access. This means the cyber criminal can have your password (although you must avoid this at all costs) and they still won’t be able to gain access.


MFA, among other login security best practices, can be enforced for your tenancy through Microsoft 365 security defaults.


Microsoft 365 defaults – What are they?

To define security parameters that apply globally across all of your users, you can activate security defaults that enforce a number of policies automatically.

Security defaults are available to all users of Microsoft 365 at no extra cost, provided you are an organisation that utilises at least the free tier of the Azure Active Directory service.


Security defaults include:

  • Block legacy forms of authentication


  • Require users to perform MFA upon pre-set actions.


  • Require all system administrators to perform MFA.


  • Require all users to register for MFA.


How to implement security defaults on Microsoft 365?


  • From the main menu scroll to ‘properties’.


  • Click ‘Manage security defaults’.


  • Move the slider across by clicking ‘Yes’.



In the next - and final - blog in the series we will explore other security measures you can take to ensure that your organisation’s cyber security is up to standard and capable of defending your systems against anything a cyber criminal can throw at it.


Ensuring your systems are secure – 1-Fix

Our team of specialists at 1-Fix offer a range of business IT services ranging from desktop to server management, to network design and cyber security assistance. Our experts want to become a vital member of your team and help you strengthen the security of your Microsoft 365 ecosystem.


We can help you achieve a level of security that allows you to feel confident 100% of the time that you are not going to be a victim of a cyber attack. Please do not hesitate to contact the 1-Fix team for a conversation on any aspect of your IT.


