With tens of thousands globally working from home and likely to for the foreseeable future IT Security is more important than ever. The FBI have reported a staggering 400% increase in reports to their cyber division since the pandemic began. Cyber criminals use a variety of methods to gain trust and entry into inadequately protected networks. Hackers frequently exploit Office 365 via known weaknesses in the out-of-the-box security configuration and with more sophisticated and convincing phishing emails they can lure people to enable their attack attempts.
Cyber protection measures are varied and can be overwhelming. This guide simplifies what you need to do to step up your IT Security. First here are some real life examples of how attacks happen:
Scenario 1. A hacker sends a cleverly compiled email with an attachment or link to a file loaded with Malware and before you know it, you’ve been hit with Ransomware!
Scenario 2. A hacker sends a very official looking branded email, containing a link for you to login to Office 365, but it wasn’t Office 365. Now they have your login credentials and they can login to your account from anywhere in the world. We have seen hackers setup inbox rules to forward emails containing IBAN etc. out to a Gmail account. This can go completely undetected.
Scenario 3. Once a hacker has access to your Office 365 account, they can intercept routine emails e.g. for accounts payable invoices and then change the target bank account numbers to their own and seek payment.
Here is how to reduce your risks by 99%!
1.SETUP ADVANCED THREAT PROTECTION EMAIL FILTERING
Bad actors are constantly finding ways to get in front of your users. You need an email filtering system that evolves as the threats do and filters out all of the bad emails before your users even lay eyes on them. The best email filtering systems use “sandboxing” so that if your users open attachments or links they are first opened or “detonated” in a safe environment before actually opening for the user on their screen.
Advanced Threat Protection should be added to each Office 365 user subscription.
2. SET SECURITY POLICIES & MONITOR COMPLIANCE
It’s worth sitting down thinking about who needs access to what, from where and when. Segregate your users into logical groups e.g. Static Office User & Mobile Users. Then create policies for each logical group. Once these are configured in Office 365, we can monitor them and report on them and be alerted of any changes to them. Unfortunately, it’s not a case of “set and forget”. Settings can change for various reasons and you can’t be sure your policies are enforced if you don’t audit them frequently.
Restricting access to Office 365 from within Ireland and/or setting up multi-factor authentication are two of the most effective things you can do to eliminate hacked accounts.
365 Protect is a management tool that enables us to manage, monitor and report on your Office 365 tenancy as well as enabling us to respond to preconfigured alerts.
3. BACK UP YOUR OFFICE 365 MAILBOX, ONEDRIVE & SHAREPOINT DATA
Many people assume that saving their data into their personal OneDrive means it’s backed up. But that’s not strictly true. Even though it’s in the cloud, Microsoft only replicates your data for availability purposes. This means that it takes the most recent file version and saves a copy. If your files were locked for ransom or they were infected with malware, the replicated copies may not be retrievable, or at best, it could take up to 6 hours or more to retrieve just one file. Think about how that may affect your business.
HCS Managed 365 Backup automatically backups up data in your mailbox, your OneDrive and SharePoint.
4. PROTECT YOUR ENDPOINTS
Once the perimeter has been breached, your last line of defence is generally the anti-virus software running on your desktop and server. Traditionally, these solutions work from a known list of virus signatures and rely on a central database for updates. Such solutions have been poor at preventing ransomware attacks and result in significant disruption and cost.
Modern Endpoint Detection and Response solutions are an upgrade from traditional antivirus and incorporate Al learning to detect abnormal activity on each Endpoint. They also incorporate features to “rollback” a ransomware attack and automatically disconnect a PC/Laptop from the network.
5. TRAIN YOUR USERS IN CYBER SECURITY
The bad actors are always looking to be one step ahead. They do this by exploiting the habits of your users and vulnerabilities in the software systems. There is always a chance that they will circumvent the security measures you have in place. Therefore, making your users cyber security aware, is an important part of your strategy to catch what all else fails to.
In addition to all this above you should setup internal controls to follow before making payments online.
Our team of security experts can help you determine what solutions you need to put in place. They will review what you currently have, identify where the gaps are and make easy to digest recommendations to reduce your cyber risk. We speak your language, we don’t over do the tech talk. We understand what businesses need and we partner with the best in IT Security to bring enterprise level, tried and tested solutions that fit businesses of all sizes within their budgets.