Microsoft & Azure are Preventing Ransomware & Data Breaches!
It seems like it’s about once a week we hear about high profile security breaches and data hacks on major companies such as Target, Home Depot, Apple, Google, and more. Almost 90% of these data breaches exploit the system login credentials (no, it’s not extreme Hollywood style hacking) by merely getting someone’s username and password. For many companies, it’s even worse with the creation of Ransomware. Companies now have a new threat to deal with in the world of information security. Ransomware takes over a user’s system and locks them out, allowing them a time window to pay or their data gets uploaded to a server and published for sale to other hackers and identity thieves.
Leading organizations are now recognizing that this is only going to get worse. To prevent Ransomware and to stop data breaches, they are focused on securing the end users identities. Multi-factor authentication (MFA) is becoming a prevalent method for doing this as MFA requires them to provide more than just a password to access the network, software or even the computer. These additional factors (multi-factor) authentication require the user to offer something that only the user knows, has and is. This means that they must have both your computer, mobile phone, and password, as well as the password to one of those devices.
Microsoft has been on the leading edge of Information Security and Cloud Security since Satya Nadella took over as CEO. The focus on cloud Infrastructure with Microsoft Azure is at an all–time high, and with new emphases on adding AI to cloud security to decrease the risk of hackers getting your companies data or locking you out with ransomware prevention, Microsoft is taking the lead!
Here are 5 Reasons You Need to Implement Multi-Factor Authentication NOW!
- By Mid-2017, data breaches were increasing at record pace rising 34% in the first half.
- News reports on the major companies that suffer data breaches, however, 31 percent of all attacks are aimed at businesses smaller than 250 employees.
- Criminals and hackers don’t just steal data; they change the code, destroy data and users, use servers to spam, and transmit more malicious code. They are perpetuating the cycle.
- Stolen or weak user credentials are a hackers dream, using them in over 95 percent of all web attacks.
- In 2019, Identity theft is now a high-reward, low-risk type of crime that is a threat to all businesses. It is the fastest-growing crime and more profitable than drug-related crimes.
Microsoft realizes it’s an obligation to keep everyone, from their small business customers to their enterprise corporations, secure. They have spent the last few years repositioning their cloud security around the industry and launching new initiaves around what is called an “operational security posture.” According to CEO Satya Nadella, who said in a 2015 interview about security, it is the “most pressing issue of our time.” Knowing this, the Microsoft team has done a great job taking steps to make sure that if you’re a team of 5 or 5,000, you’re going to be safe in the cloud.
Unsecured Office 365 Access and Wire Fraud
Over the past few months and years, we’ve had the opportunity to speak with customers and partners who have a critical need to get ahead of this problem before it costs them hundreds of thousands, if not millions of dollars. Recently, one hacker gained access to an unsecured Office 365 account of a CEO of financial services and insurance company with about 15,000 users. The attack came in the form of viewing the CEO’s email and calendar to find an opportunity. The CEO was looking to meet with a major supplier to close a deal, the attacker took this information and used the compromised email account to then send an email to the CFO. This email said: “Since I am stuck in the meeting, please wire the funds by the end of the day as the last step to close this deal. Here are the details…” – They lost over $1M over several wire transfers.
Another thing that has become common for attackers are to target the accounts of employees from the accounts receivable or payable department. After helping to detect the compromised accounts the hacker logged into these accounts and changed core payment details and emailed legitimate invoices to the company’s business partners. Thankfully, one of the partners called to confirm if it was a valid change. This should not be a line of defense that is ever acceptable in your organization.
Microsoft’s latest addition to the Microsoft 365 line of Azure enabled security features. Office 365 Advanced Threat Protection is changing the way we think about Cloud Security. This includes security not only to the office suite of products but to Microsoft Dynamics 365 CRM, as well as SharePoint and OneDrive. So, what is Office 365 Advanced Threat Protection? Well, in short, it’s securing your mailboxes against advanced threats from intrusion as well as viruses, malware, and ransomware.
Protect your environment when users click malicious links
Exchange Online Protection provides protection against malicious links by scanning content. Safe Links expands on this by protecting your environment when users click a link. While the material is being scanned, the URLs are rewritten to go through Office 365. The URLs are examined in real time, at the time a user clicks them. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Reporting is available, so administrators can track which users clicked a link and when they clicked it.
Protect against unsafe attachments
With Safe Attachments, you can prevent malicious attachments from impacting your messaging environment, even if their signatures are not known. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients. The advantage is a malware free and cleaner inbox with better zero-day attack protection.
All of this is great; however if you don’t have Multi-Factor Authentication enabled, you’re putting your systems at risk! Think about it! Microsoft Dynamics 365 – Your CRM and ERP platform, all your customer data, financials, and manufacturing data. You could be exposing your entire company to hackers. Imagine if your system admin were to be compromised? You could be hemorrhaging data from your CRM and never even know. Microsoft Dynamics 365 CRM has all the tools that Office 365 does for Advanced Threat Protection, including protection for Data Uploads, as well as user administration through Active Directory. What about Azure, your cloud storage, cognitive services, or data warehouses, no MFA? You’re needlessly putting all that at risk! Multi-Factor Authentication for Microsoft Dynamics 365 is as simple as setting it up in Office 365! It’s all done from the Administrator Portal in Azure.
Microsoft Office 365 is the core to the Microsoft 365 stack, which includes Dynamics 365 CRM and Azure. An important security tip to remember that there are ways to connect with Exchange Online (as part of Office 365) and Exchange not covered by two-factor authentication. This is caused when you do not have modern authentication implemented or available across your systems. Companies with hybrid email configurations (i.e., have on-premises Exchange Servers), this uses applications that interface via Exchange Web Services (EWS), or ActiveSync; they may not be protected by your multi-factor authentication. This creates gaps that can be used by attackers when attempting to connect to a user’s Office 365 email to use trusted accounts and launch attacks.
With this in mind, we understand that adequate protection against a compromise of your Office 365 account means you need to have exceptional threat detection, detailed logs to trace the attacker’s locations within your system, and the ability to automate remediation.
If you’re ready to get started on how to set up Windows Multi-Factor Authentication: Check out this great link from Alex Simos on the Microsoft Tech Community Blog!
If you’d like to learn how to buy Office 365 Advanced Threat Protection, contact us today! Any questions about Multi-Factor Authentication or would like more information about Azure Cloud Security, Microsoft Dynamics 365 or Office 365 Security and Setup – Please Contact Us.