Enquire Today
1300 205 999

home products & servicesSecuring Office 365

Securing Office 365

A RECENT AUSTRALIAN SURVEY SHOWED THAT ON AVERAGE, 34% OF ALL BUSINESS MANAGERS AND SENIOR EXECUTIVES REPORTED BEING TARGETED BY PHISHING AND RANSOMWARE ATTACKS IN THE PAST 12 MONTHS.

 

ONE RECENT REPORT BY F5 LABS FOUND THAT PHISHING WAS THE ROOT CAUSE OF 48% OF THE BREACHES THEY INVESTIGATED.

 

1 in 3, 1 in 2…. ASK YOURSELF – HOW DO YOU LIKE THOSE ODDS?

Have you moved to Office 365 and assumed that your data is safe?

If you’re one of the thousands of Australian businesses that started their cloud journey with implementing Office 365 and figured that the security and backup of your data was no longer your problem, this may not be the reality.

Witnessing this problem escalating to worrying levels, Interscale have built a fixed-cost suite of public cloud security advisory and delivery services. Ensuring the security of sensitive data such as email, customer information and shared files held on public Cloud such as Office 365 should be of utmost priority to your business.

 

Increasingly, hackers are utilising sophisticated social methods to wage a hidden war on your business. Often, these wars start with gaining access to an end-users email.

What do we mean by 'Securing Office 365'?

Microsoft Office 365 has become the standard business platform for the majority of organisations, large and small, around the world. It’s an easy-to-use, cost-effective solution with flexible features, making it a compelling choice. But as its usage has increased, Office 365 has also become an attractive choice for cybercriminals with more than 90% targeting email accounts, but also personal and organisational data. 

According to the Cisco 2017 Midyear Cybersecurity Report, “attackers turn to email as the primary vector for spreading ransomware and other malware. This is why no company can afford to skimp on Office 365 security. Exchange Online email is vulnerable to malware from attachments and malicious URLs that can lead to ransomware, business email compromise, phishing, and other attacks.”

The top five things businesses should consider when securing their Office 365 from network threats are:

1. Compromised accounts 
2. Malicious insiders 
3. Privileged account actions 
4. Lack of visibility into threats 
5. Lack of visibility into existing malware

The reality is that cloud doesn’t make your technology any more or less secure, so Interscale designed our Office 365 Securing solution to assist businesses with securing their cloud services. We take a holistic approach to auditing, securing and verification of public cloud productivity solutions such as Office 365.

Our framework includes an initial review of Office 365 licensing requirements against organisational needs, then providing clear advice around strengthening your security of data from external attack and internal human error, by utilising both existing capabilities of Microsoft’s cloud platform, as well as 3rd party solutions that we have adopted to gain an upper hand against attackers.

Interscale’s Securing Office 365 solution includes the following activities:

Completion of high-level audit to identify areas of concern in Office 365 architecture.
Detailed review of existing Office 365 licensing.
Structured removal or archival of former staff accounts.
Recommendations and delivery of configuration changes to addresses known to attack vectors.
Implement compliance functionality to retain data for required periods.
Deliver improved email security and anti-spam through internal configuration and 3rd party software products.
Provide recommendations and next steps on improved services or features to meet tactical or operational objectives.

Report

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.

Test

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.

Secure

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.

Audit

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.

Technical Terms Explained

Phishing

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.

Ransomware

Ransomware is a specific class of malware, that is typically designed to assume control of a computer for the purpose of assuming control of the data stored on that device. It does this by applying encryption over the data, resulting in the data being inaccessible without the required passphrase to decrypt the data. This passphrase is typically offered by the hackers for an exorbitant fee, generally demanded by payment in Bitcoin. In most scenarios, it is recommended that these fees are not paid as they frequently result in further financial demands from the attackers.

Hackers

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.

Malware

Malware (coined from the term “Malicious Software”) is an umbrella term that refers to a specific type of software that has been designed with malicious code. Malware is frequently used by attackers to gain control of, or cause damage to, a computer, server, client device or network. Once present on the device and executed, the malware will often take control of the device, proliferate on to other devices via the local network, then control the systems, often for the purpose of gaining financial benefit for the designers.

Exchange Online Email

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.

Attack Vector

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lectus tortor, cursus sit amet malesuada eget, feugiat vehicula est. Praesent vel purus non nisi imperdiet laoreet. In eu pulvinar turpis, in aliquam nunc.