
In the previous blog in the series we explored the fact that being a small business makes you a bigger target for cyber criminals – this is often due to the considerably lower budget that most small businesses have in comparison to their larger counterparts. We also explored why it is so essential to secure your Microsoft 365 and some of the most popular methods used by cyber criminals to attack your system.

In the following blog we will explore what the potential consequences of a breach are, and some different ways to protect your system to stop them from happening.

 

What could happen if a breach is successful?

It is difficult to highlight the potential consequences of a breach without knowing the goal of the cyber criminal. The most severe of these are:

  • Business masking – If the cyber criminal has access to your entire Microsoft 365 environment then they have full visibility of your contacts and correspondence history – this means they can learn details about your business that should be kept private. They have access to information on who you do business with and what sums of money are exchanged with those businesses. In brief, your system could inadvertently become a shopping list of potential targets for future attacks.
  • Data theft – The file data you have contained within your OneDrive and SharePoint libraries could be corrupted, stolen, or deleted – this would be disastrous for your organisation, as not only could you be in trouble legally but you will also find it a hard task to earn back the trust of the customers whose data was lost.
  • Sensitive data theft – The data you hold more than likely contains password credentials for third-party systems, or, in the worst-case scenario, bank details for your own business or your customers – again, if specifically stolen this could be disastrous and potentially business-defining.

 

Microsoft 365 – The tool that makes it all possible

Microsoft 365 – the cloud ecosystem that allows millions of businesses worldwide to function – has been a part of most of our lives for many years, for some as far back as childhood. Its day-to-day uses (from storing emails, files, and folders, to other sensitive financial or customer records) have become essential to completing our daily tasks. Because it is built to handle a constant influx of email, it is unsurprising that malicious messages will find their way through. With this in mind, it is imperative that we do everything within our power to protect that environment from the dangers of a cyber attack.

 

Securing Microsoft 365

There are two main areas that need addressing in order to ensure that your system is as secure as possible. Let’s explore them now:

  • A clear and concise policy around how users access and use Microsoft 365.
  • The implementation of technical controls and defences within your organisation.

 

Tech defences

Tech defences can help you to combat a variety of different cyber threats. They protect against:

  • Your domain becoming a victim of a ‘spoofing’ attack with cyber criminals purporting to be your business.
  • Phishing attacks being received or having their links clicked upon within emails.
  • Malware, Ransomware, and other malicious file attachments being received or downloaded from malicious emails.
  • Email content or attachments being intercepted or viewed by unauthorised parties.

Your Users

Your users are the most important, and final, line of defence for your system. Your system – no matter how much you spend on technical measures – is fragile, and a simple click on the wrong link can send the whole thing into chaos. Let’s take a look at some of the risks that arise from the way your users interact with Microsoft 365, which depend upon:

  • The ability to share files and documents
  • The ability to share potentially sensitive information with email messages
  • The level of system access and permissions assigned
  • The complexity of their password and whether this password is unique to 365 or used as a general password across other services.

 

Microsoft 365’s security options

We will now look at some of the security features of Microsoft 365, the risks that they tackle, and how to apply them in your organisation.

 

Login Security

The risks

Individual user accounts being breached by cyber criminals as a result of credentials exposed on the dark web, or because accounts are secured with basic, common password formats.

The risks overcome

In Microsoft 365 a secure password policy is defined, directing you to use a complex password. Your password should be exactly that – complex: one that cannot be easily guessed, of sufficient length, and made up of a random mixture of letters, special characters, and numbers. Over recent years password best practice has changed drastically. Traditionally, users were instructed to change their passwords on a regular cycle of a few days or weeks and were required to use passwords of ever greater length.

Recently this approach has changed, following the realisation that enforcing longer passwords, combined with a regular renewal cycle, simply encourages users to reuse old passwords or to use abbreviated or slightly changed versions of the original (by adding 123 to the end, for example). This makes the entire time-consuming process pointless: the account is no more secure than before the change, and it is no more difficult for cyber criminals to attack your systems successfully.
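The failure mode just described, a "new" password that is the old one with 123 appended or a letter swapped for a digit, is something a password-change check can catch at the moment both values are available in the clear. The following is an added example and not code from the original post or from Microsoft; the similarity threshold, the minimum length and the sample passwords are constructed choices of my own.

```python
import re
from difflib import SequenceMatcher


def _core(password: str) -> str:
    """Lower-case the password and strip trailing digits and symbols,
    so "Summer2023!" and "summer24" both reduce to "summer"."""
    return re.sub(r"[\d\W_]+$", "", password.lower())


def is_trivial_variant(old: str, new: str, threshold: float = 0.75) -> bool:
    """Return True when `new` is a predictable edit of `old`.

    Three tests, any of which rejects the change:
      1. the new password is empty or identical to the old one;
      2. the old password's core (minus trailing digits/symbols) appears
         verbatim inside the new password ("Welcome1" -> "Welcome123");
      3. the two strings are mostly the same characters in the same order
         ("Welcome1" -> "Welc0me1!"), measured by difflib's similarity ratio.
    The 0.75 threshold is a constructed choice, not a standard value.
    """
    if not new or new == old:
        return True
    old_core = _core(old)
    if old_core and old_core in new.lower():
        return True
    return SequenceMatcher(None, old.lower(), new.lower()).ratio() >= threshold


def check_password_change(old: str, new: str, min_length: int = 12) -> list:
    """Collect the reasons a proposed change should be refused (empty list = accept).
    min_length is an illustrative value, not a policy taken from the post."""
    problems = []
    if len(new) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if is_trivial_variant(old, new):
        problems.append("too similar to the previous password")
    return problems


if __name__ == "__main__":
    # Constructed sample changes, the kind the post warns about
    for old, new in [("Welcome1", "Welcome123"), ("Welcome1", "Welc0me1!"),
                     ("Welcome1", "correct horse battery staple")]:
        print(f"{old!r} -> {new!r}: {check_password_change(old, new) or 'accepted'}")
```

The check only needs the old and proposed password at change time, when the user has just typed both; it never requires passwords to be stored in plaintext. It is a complement to the MFA advice that follows, not a substitute for it.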

Multi-Factor Authentication (MFA), sometimes known as 2-Factor Authentication (2FA), is the better approach: an additional layer of login security. MFA is a second authentication step that takes place after a user has entered their password. The account is further secured by asking the user to enter a code that changes on a cycle – usually every few seconds or a couple of minutes. The code is delivered to the user’s mobile device by text message or generated by an authentication app, so that logging in requires access to a second device. Even if a cyber criminal has the password to the account, they may not have access to that device. MFA can be enforced through Microsoft 365 security defaults.

 

Microsoft 365 security defaults – what are they?

You can define security parameters for all of your users wherever they are on the globe, and they can be activated to enforce a number of procedures automatically. Security defaults are part of the services and tools provided by Microsoft at no extra cost, provided you are an organisation that utilises at least the free tier of the Azure Active Directory service.

Let’s look at what the security defaults include:

  • Require all users to register for MFA
  • Require all system administrators to perform MFA
  • Require users to perform MFA upon certain actions
  • Block legacy forms of authentication.

 

Implementing Security defaults – How to

  1. Visit your Azure Portal (https://portal.azure.com)
  2. From the main menu scroll to ‘Properties’
  3. Click ‘Manage security defaults’
  4. Move the slider across by clicking ‘Yes’.

The next time your users log in following this action they will have to activate MFA on their accounts by entering a mobile number or choosing another method of personal identification, such as an authentication application on their device. Don’t worry – this is a relatively easy process, and it is worth doing for the peace of mind that your users are a step closer to being cyber secure.
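The same switch the portal slider controls can be read and set through Microsoft Graph, which is useful for confirming the setting stays on or for applying it across several tenants. This is an added example, not code from the original post or from Microsoft: the endpoint and the isEnabled property are Graph's identitySecurityDefaultsEnforcementPolicy resource; obtaining a bearer token with a Graph Policy permission that can write that resource is assumed and not shown, and the sample response is constructed.

```python
import json
import urllib.request

# Microsoft Graph resource for the tenant's security defaults switch.
GRAPH_POLICY_URL = ("https://graph.microsoft.com/v1.0/policies/"
                    "identitySecurityDefaultsEnforcementPolicy")


def security_defaults_enabled(policy: dict) -> bool:
    """Read the isEnabled flag from the policy object Graph returns.
    A missing or non-boolean flag is treated as 'not enforced' (fail closed)."""
    return policy.get("isEnabled") is True


def enforcement_patch_body() -> dict:
    """The PATCH body that turns security defaults on (the slider's 'Yes')."""
    return {"isEnabled": True}


def graph_request(token: str, method: str = "GET", body=None) -> dict:
    """Minimal Graph call. `token` is a bearer token acquired elsewhere (assumed).
    PATCH on this resource returns no body, hence the empty-body branch."""
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(
        GRAPH_POLICY_URL, data=data, method=method,
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        raw = resp.read()
    return json.loads(raw) if raw else {}


def ensure_security_defaults(token: str, request=graph_request) -> str:
    """Check the current state and enable security defaults only if needed.
    `request` is injectable so the logic can be exercised without a tenant."""
    policy = request(token)
    if security_defaults_enabled(policy):
        return "already enabled"
    request(token, "PATCH", enforcement_patch_body())
    return "enabled"


# Constructed sample of the policy object for a tenant with the defaults off.
SAMPLE_POLICY_OFF = {"displayName": "Security Defaults", "isEnabled": False}


def make_fake_request(initial_policy: dict):
    """Offline stand-in for graph_request that records every call made."""
    calls = []

    def fake(token, method="GET", body=None):
        calls.append((method, body))
        return dict(initial_policy) if method == "GET" else {}

    return fake, calls


if __name__ == "__main__":
    fake, calls = make_fake_request(SAMPLE_POLICY_OFF)
    print(ensure_security_defaults("<token-placeholder>", request=fake))
    print("calls made:", calls)
```

Security defaults and Conditional Access policies are mutually exclusive, so a tenant that already uses Conditional Access will reject the PATCH; in that case the MFA requirement belongs in a Conditional Access policy instead.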

In the third and final blog in the series we will explore in detail other security measures that will ensure you and your team are cyber secure in the future.

 

We’re Netplatforms.

Implementing the correct security measures for the technical landscape of your organisation has the power to revolutionise the way your organisation works. We can implement and maintain your security measures and look for better ways to defend your system. Our success can be attributed to one thing: TRUST. Ever since our very first year in business, our clients have been happy to recommend us to other businesses, and we have grown steadily as a result of these recommendations. We can help you to truly get the most from your IT in the most secure way possible. Don’t hesitate – contact us now!

0207 993 9035 or hello@netplatforms.co.uk.

________________________________________________________________________________________________________________

Book a no-obligation discovery call with a member of our team today by calling 0207 993 9035 or hello@netplatforms.co.uk
