04 Aug Be prepared, be secure – Consequences of a data breach?
In the previous article we explored how, just because your business isn’t a large corporation, it doesn’t mean that you are immune to cyber attacks – in fact, you are more likely to be the victim of an attack. (This is often due to the considerably lower budget that most small businesses have at their disposal in comparison to their larger counterparts.) We also looked at why it is so essential to secure your Microsoft 365 and defend against some of the most popular methods used by cyber criminals to attack your system.
In the following blog we will explore what the potential consequences of a breach are, and some different ways to protect your system to stop them from happening.
What could be the consequences of a successful breach?
It is difficult to highlight the exact consequences of a breach without knowing the goal of the cyber criminal. The most severe of these are:
- Business masking – With access to your entire Microsoft 365 ecosystem, the cyber criminal will have full visibility of your contacts and your correspondence history, which will allow them to learn details about your business that should be kept private. This information gives them access to who you do business with and the sums of money that are exchanged with those businesses. Basically, your system could become a shopping list of future targets for the cyber criminals.
- Data theft – The file data you have contained within, for example, your OneDrive and SharePoint libraries could be corrupted, stolen, or deleted, causing serious problems for your organization both legally and in regard to trust – good luck earning back the trust of your clients once you tell them you have lost their data.
- Sensitive data theft – The data you hold could contain password credentials or, in the worst-case scenario, bank details for your or your customers’ businesses – if they are stolen the consequences could be business defining.
Microsoft 365 – The internationally renowned tool
Microsoft 365 – the internationally renowned Cloud ecosystem that continues to allow businesses to function at their peak day in day out – has been an integral part of most of our lives for decades now and for some this relationship has spanned since their childhood. Its day-to-day uses (from storing emails, files, and folders, to other sensitive financial or customer records) have become essential to completing our daily tasks. It is designed to accommodate an influx of emails so it is unsurprising that malicious Emails find their way into the system. With this in mind, it is imperative that we do everything within our power to protect that environment from a business defining cyber attack.
You need to address two main areas in order to ensure that your system has the best chance of becoming and remaining secure. Let’s take a look at them now:
- A clear and concise policy around how users access and use Microsoft 365.
- The implementation of technical controls and defences within your organization.
Technical defences will help you to combat a variety of different cyber threats. They help protect against:
- Your domain becoming a victim of a ‘spoofing’ attack, with cyber criminals purporting to be your business.
- Phishing attacks being received or having their links clicked upon within emails.
- Malware, Ransomware, and other malicious file attachments being received or downloaded from misleading Emails.
- Email content or attachments being intercepted or viewed by unauthorized parties.
Your users are by quite some way the most important defensive measure you have at your disposal. No matter how much money you spend on technical measures, your system is very fragile – one click on the wrong link and the whole thing can come tumbling down. Let’s explore some of the risks posed by your users and the way they interact with Microsoft 365, that depend upon:
- The ability to share files and documents
- The ability to share potentially sensitive information with email messages
- The level of system access and permissions assigned
- The complexity of their password and whether this password is unique to 365 or used as a general password across other services.
Microsoft 365’s security options
We will now look at some of the security features of Microsoft 365, the risks that they tackle, and how to apply them in your organization.
Reduce the risk of user accounts being breached by cyber criminals as a result of exposed credentials or because of basic password formats being used.
How to overcome those risks
In Microsoft 365 a secure password policy is defined, directing you to use a complex password. Your password needs to be complex – it should be very difficult or practically impossible to guess, a certain length, contain special characters and numbers, and be comprised of a random assortment of letters. Over recent years password best practice has changed considerably. Traditionally, users were encouraged to change their passwords regularly – some even recommended a cycle of a few days/ weeks and were told to enforce passwords of greater length and complexity – however, this advice has all changed.
Many have come to the realisation that this approach – however proactive – simply encourages users to use old passwords repeatedly (be it abbreviated versions of the original or otherwise). Doing this makes the entire process pointless, as the account has not gained any levels of security and cyber criminals can still attack your system just as easily.
Multi-Factor Authentication (MFA) is the better approach. Applying an additional layer of login security (known in some cases as 2-Factor Authentication (2FA)) is the newer approach. MFA is a second authentication step that takes place after a user has entered their password. Accounts are further secured by requesting the user to input a code, which changes on a cycle – usually every few seconds or a couple of minutes. The code is provided to the user via their mobile device through text message or by accessing an authentication app, constantly layering the security offered by needing multiple devices to gain access. Even if the cyber criminal has your main password to the account they may not have access to your device. MFA can be enforced through Microsoft 365 security defaults.
What are Microsoft 365 security defaults?
Security defaults in Microsoft 365 allow you to define security parameters for all your users – no matter where they are operating from, they can be activated to enforce a number of procedures automatically. These are provided by Microsoft at no extra cost and are simply part of the service – provided you are an organization that utilizes at least the free tier of the Azure Active Directory service.
Let’s take a look at what the security defaults include:
- They require all users to register for MFA
- They require users to perform MFA actions upon certain triggers
- They block legacy forms of authentication.
- They require all system administrators to perform MFA.
How to implement security defaults
- Visit your Azure Portal (https://portal.azure.com)
- From the main menu scroll to ‘Properties’
- Click ‘Manage security defaults’
- Move the slider across by clicking ‘Yes’.
After having completed the steps, your users will have to activate MFA on their accounts by entering a mobile number or another method of personalized identification – such as using an authentication application on their device. This is an easy process and is well worth activating in order to guarantee you are doing all you can to protect the security of your system.
Securing your 365 environment
At Grapevine, our team of dedicated engineers can meet any technical challenge you may come across. We take our time in getting to know you, your business, employees, and your goals for the future so we can then find the best technological solution for you to guarantee constant security. Our years of experience leave us primed and ready with all the tools needed to ensure a top-quality service, now and into the future. Contact our team and let us start our journey together today.
Contact our team and let us start our journey together today.