Blog

Homeland Security Recommends These Office 365 Practices To Avoid Getting Hacked

Written by Brendan B | May 20, 2019 12:00:00 PM Z

When it comes to the relentless amount of cyberattacks going on right now, the goal for any business is to minimize risk and avoid being a target.

The Department of Homeland Security, as well as, PTG, recommend these configurations to stay safe in today's high risk environment.

Office 365 Administrators must take extra precautions

As an administrator, you are the gateway to your company's network. It is recommended that you keep your device up to date with the latest software and patches. Admins should absolutely have MFA enabled (see below) and make sure that everything is configured properly. Admins are the gatekeepers when it comes to your network's security.

Move away from old-fashioned passwords

Last week, Microsoft anounced that cloud user accounts in Azure AD will get up to 256 characters, including spaces, in order to create more complex passwords.

The old mode of requiring employees to change their passwords, actually resulted in the use of weaker passwords, instead of making access safer.

Internally, Microsoft has started moving away from passwords completely to adopt other forms of authentication. The company has also confirmed that passwords will eventually be going away for Windows 10 users as well.

Two products that provide an alternative to passwords are Windows Hello and WebAuthn. These tools allow users to authenticate using biometrics instead of passwords.

Enforce MFA on all devices

Multi-factor authentication (MFA) provides the extra layer of identity protection that has become a necessity in today's high threat digital environment.

Business accounts that still use older email clients are especially vulnerable -- unless they also have MFA enabled.

CISA, Homeland Security's Cybersecurity and Infrastructure Security Agency, confirms that MFA is the best option to avoid Office 365 identity theft.

Enable Audit Logging

Enabling audit logging in the Security & Compliance Center allows an admin to search and find user and administrator activity in Office 365. When an audited activity is performed by a user or admin, a record of that activity is generated and stored in the Office 365 audit log. Alerts can also be configured for actions, such as log ins from foreign ip addresses or too many login attempts. This can help identify suspicious activity on your network. 

Audit logging has to be turned on before audit logs can be searched, but Microsoft is in the process of turning this on by default. 

Have a dedicated IT team to oversee cloud security

Without IT experts overseeing a cloud migration, oversights can happen that lead to network vulnerabilities.

According to CISA, "These accounts are exposed to internet access because they are based in the cloud. If not immediately secured, these cloud-based accounts could allow an attacker to maintain persistence as a customer migrates users to Office 365."

An IT expert trained in cloud security will make sure your tenant is configured properly and select the most secure migration strategy for your infrastructure.

If your business needs assistance configuring Office 365 for maximum security, connect with us today. We're always happy to help.