Cloud account security is becoming a major problem for small and large businesses alike. As more data migrates to the cloud, public SaaS breaches are becoming more common.
Within the past year, 70% of surveyed organizations have suffered a public cloud data breach.
Cloud services can be vulnerable to a malware infection, ransomware, or account takeover for a number of reasons:
- Poor password security
- Misconfiguration (not having cloud security set properly)
- Lack of controls on admin-level accounts
- Use of shadow IT by employees
- Improper offboarding of abandoned SaaS tools
One of the biggest causes of compromised cloud accounts is misconfiguration. In a survey of 300 IT security professionals, security misconfiguration was noted by 67% of respondents as the #1 cloud security danger.
Use These Settings to Safeguard Your Microsoft 365 Business Account
Microsoft 365 is the most popular cloud security platform globally, which makes it a major target for hackers. If they can gain access to the platform, it often means access to cloud storage files, the ability to send and receive user email, and more.
How secure are your Microsoft 365 account settings?
Here are some of the best settings to configure to protect your account from a breach.
Use One Dedicated Global Administrator Account
How many users do you have at your San Jose/Silicon Valley business that have admin privileges for your Microsoft 365 business account?
The more admin level logins you have, the more at risk you are of a high-level breach.
Microsoft has what’s known as a dedicated global administrator account. When you set this up, you don’t have to pay an additional user license, because it’s designed to be used for admin activities only and nothing else.
Setting up a dedicated global admin account allows you to lower the privilege settings on user accounts, meaning a hacker can do less damage if they’re breached. Users simply log into the dedicated admin account to perform admin activities and log back out when finished.
Set Up Alerts for Large Volumes of Sent Emails
One common activity that hackers undertake as soon as they breach a Microsoft 365 account is use that user’s email to send phishing and spam.
If they can breach a user account, the hacker can send targeted phishing emails to others in the company. They will think the email came from a co-worker and are much more likely to trust any link or attachment it contains.
This type of activity not only puts your employees, customers, and vendors at risk of a phishing attack, it can cause your email domain to get blacklisted quickly by multiple mail servers.
You can mitigate the potential damage by setting up an alert in the Security & Compliance Center that will alert your administrator should any user email send more messages out than a designated threshold.
Enable MFA for All User Accounts
Really, companies should be using multi-factor authentication (MFA) for all cloud logins, no matter what platform. It’s an extremely effective way to block fraudulent sign-in attempts, even if the hacker has the user’s password.
Microsoft sees about 300 million attempted account hacks a day and says that MFA is 99.9% effective at stopping account compromise.
Turn this on for all users. On their next login, they’ll be prompted to add a device. Then when they login in the future, that device will be sent the time-sensitive one-time use code to complete account access.
Prevent a Scammer from Auto-Forwarding User Email
When is the last time you checked your auto-forward settings for your email account?
Most users don’t look in this area unless they’re about to go on vacation or need to forward mail for another reason.
A tactic of cybercriminals that gain access to a user’s Microsoft 365 account is to quietly auto-forward that user’s email to their address. This allows them to collect sensitive company data and gather details for spear phishing attacks for as long as they go undetected.
You can block this type of auto-forwarding by doing the following:
- Visit the Exchange admin center
- Select “rules” in the mail flow category
- Click to add a new rule and choose “More options” at the bottom
- Use the settings:
- Apply rule if sender is internal
- And, receiver is external
- And, mail type is auto-forward
- Action, block message and include explanation
- Add explanation (e.g. “Auto-forwarding outside company is prohibited”)
- Click to Save
Use Email Encryption for Sensitive Emails (Premium Users)
If you use Microsoft 365 Business Premium, there is a feature you and your employees can use that is already set up, which is email encryption.
This feature allows you to encrypt emails and their attachments and also add “do not forward” protections on a message.
Both desktop Outlook users and those that use Outlook online can access this feature to protect sensitive email.
Before you begin using it, you’ll want to set up a protocol so users know which messages should be encrypted. A consistent way to do this is through the use of sensitivity labels (another Microsoft 365 feature). If a message has a certain sensitivity level it can call for encryption.
Get Help Properly Configuring Your Microsoft 365 Security
Are you suffering from misconfiguration? GEEK911 can help your Silicon Valley area business with proper configuration of your cloud security settings in platforms like Microsoft 365 and others, so your accounts are better protected.
Contact us today to schedule a consultation! Call 1-866-433-5411 or reach us online.