Security In The Cloud
Microsoft 365 Security: Everything you need, wherever you need it.
These days, the headlines are filled with stories of cyberattacks, but most of us only hear about the stuff that happens to big brands. The reality is that most hackers are targeting small to medium-sized businesses. This has certainly caused a lot of stress for companies that may not have the time or expertise to really evaluate their risks. For example, you’re probably busy focusing on how to run your business and becoming an expert in the field of cybersecurity is probably not as high on your to-do list.
Years ago, having an internet firewall, PC antivirus, and email filtering were enough to protect your business. But many things have changed since those simpler days.
Today’s employees are using different platforms and personal devices to access company data. This means you have more points of risk to think about. Data can easily get leaked outside your organization and devices that connect to sensitive business information can be lost or stolen, and, let’s face it, people can make mistakes.
Cybercriminals are going after your users in increasingly sophisticated ways. Phishing attacks are getting harder and harder to recognize and Ransomware twists the power of encryption to work against you, taking critical files hostage.
All of this is to say that cyberthreats and security breaches are becoming bigger concerns.
In this post we’re going to discuss the three pillars of Microsoft’s 365 Security Solution. Those are; Defend, Protect, and Secure.
Oakwood’s Tenant Health Check was developed to help organizations like yours identify any vulnerabilities or opportunities within your 365 configuration.
Defending Against Threats
Imagine you receive an email that looks a little fishy. In fact, it may not appear suspicious at first, but it includes an attachment or link that (unbeknownst to you) contains malware.
By clicking on a suspicious link that contains malware, you become victim to a phishing attack. Did you know that 90-98% of all cyberattacks start with phishing. Today, attacks are so sophisticated that even experts are finding it difficult to detect them, costing companies around $80,000 per cyberattack.
What’s more, cybercriminals are targeting small to medium-sized businesses more and more to get employee passwords and steal company assets.
How do you prevent these phishing attacks from happening in the first place?
Most conventional security products deal with cyberthreats by scanning for signatures of known viruses, looking for signals from previous attacks. But this only protects you from things that happened in the past and your organization exists in the present.
With Microsoft 365, you can defend against the millions of threats facing your business every day. Microsoft analyzes over 6.5 trillion signals daily—the world’s largest set of threat-related optics—to ensure that your company is protected from both old and new forms of malware.
Microsoft 365 helps you:
- Avoid malicious websites by scanning any links in emails and documents in real time to block unsafe destinations (ATP Safe Links).
- Protect against sophisticated malware by performing advanced analysis of email attachments in a sandbox environment to detect newly developed malware (ATP Safe Attachments).
- Enable antiphishing policies that use machine learning models and impersonation detection to provide protection against advanced attacks (ATP antiphishing intelligence).
- Configure advanced multi-factor authentication (MFA) policies—for example, bypass trusted locations such as your office network (Azure MFA – Trusted IPs).
- Enforce malware protection across all your company’s Windows 10 devices and protect files in key system folders from changes made by ransomware (Windows Defender).
Protect Your Data
What happens when you send an email with highly sensitive information to someone outside your organization? It could be financial information, personal data, or even your customer’s information. After you click send, how do you know what happens to that data? Oftentimes, you can’t really know where it ends up. And that leads to data getting into the wrong hands, getting deleted, or getting accessed by someone who was not the intended recipient.
Protecting business and customer data is massively important. But without the right security controls, it’s difficult to manage who has access to your data as it moves inside and outside your organization.
If your company is storing customer information or financial data, then your job is a lot like working on a dam. Just one leak can put you out of business.
That’s why Microsoft 365 gives you the ability to layer and harden your security. You can encrypt every email and attachment you send so that only the intended person can unencrypt it. You can control who can open, forward and print emails. You can receive notifications inside your email that let you know when sensitive data like credit card numbers is included in the body of a message. And the best part? You can rest assured that these protections you put in place stay in place even after content leaves your network.
To summarize, with Microsoft 365 you can:
- Prevent sensitive information such as social security numbers or credit cards from leaking outside your business (Data Loss Prevention – DLP).
- Encrypt sensitive emails so you can communicate securely with customers or other people outside your company, ensuring that only the intended recipient can read the message (Office 365 Message Encryption).
- Control who has access to company information by applying restrictions such as Do Not Copy and Do Not Forward to email and documents (Azure Information Protection).
- Enable unlimited cloud archiving so you can retain all your businesses’ email, including the mailboxes of former employees (Exchange Online Archiving).
Securing Your Devices
If you’re able to access work emails and files on your personal devices, then you really don’t want to lose them. But we’re all human, and it can be easy to accidentally leave your phone somewhere like a restaurant, a company event, or a cab. And that can create a significant security risk for your company.
Considering how many different phones, tablets, and laptops we use daily, it’s a full-time job just to keep track of how they’re all being managed and secured. And if you want to have the flexibility to do work on the go, then it’s crucial for companies to maintain control over who has access to business information at any given time.
There’s no need to stress if you accidentally lose a phone that connects to your work email or other business files. Microsoft 365 makes security simple by enabling you to easily secure your PCs and devices so that your employees can work wherever and whenever they need to. If one goes missing, you can easily wipe all company-related information from the device remotely without affecting any personal messages or pictures.
Right now, 60% of cyberattacks come from a breached device. And thousands of other data leaks occur when a device is lost or stolen. In order to keep your company safe and in-business, you can embrace new security technology with Microsoft 365 tools that help you secure all your devices.
Microsoft 365 lets you choose between having full control over company-owned devices or implement application management for personal devices. That second option gives you control over company apps or data, but not personal things like pictures and text messages.
You can also manage policies for all the Windows PCs in your company, such as enforcing BitLocker encryption or automatically installing critical Windows updates.
Don’t stress about a potential security breach when you take work with you on the go. Rest easy with Microsoft 365 which helps you:
- Control which devices and users can access your Office 365 data; with options to block users from logging in from home computers, foreign countries, or outside of work hours (Conditional Access).
- Apply security policies to protect business data on iOS and Android devices. For example, require users to provide a PIN or fingerprint to access business data, and encrypt data on mobile devices (Intune MDM).
- Keep business documents, emails, and other data within approved Office mobile apps and prevent employees from saving these to unauthorized apps and locations (App protection for Office mobile apps).
- Remotely wipe business data from lost or stolen devices without affecting personal information (Intune selective wipe).
- Use simplified controls to manage policies for all the Windows 10 PCs in your company, enforcing BitLocker encryption, and automatically installing critical Windows updates (Enforce Windows update policies).
With Microsoft 365 you no longer have to worry about your security risks. In summary, this solution will offer you…
- Protection from sophisticated external cyberthreats hidden in email attachments and links, and get cutting-edge defenses against phishing and spoofing attacks, ransomware, and other advanced malware attempts.
- More control over your company data and documents. Protection from data leaks helps you to prevent sensitive information like SSNs and customer credit card numbers from being shared outside your business, and to control access to documents, even after those documents have been shared outside your company.
- Management of the apps, data, and documents on devices that access your company data. Regardless of the device type or operating system, iOS, macOS, Android, or Windows, Microsoft 365 Business helps you manage these devices.
Maintaining the security posture of your organization is now more important than ever. At Oakwood, we understand what this means to your organization and would like to help you understand how to best protect your users, data and devices. Please drop us a message below and we’d love to help you sleep easier at night knowing your most important assets are protected.