Microsoft 365 services such as Email, Teams and the Office Suite have become essential components of the operations of countless organizations worldwide. Unfortunately, the popularity of these services has also caught the attention of cyber criminals as a means of accessing corporate networks. On average, 1.2 million Microsoft accounts get compromised every month. Data theft and other nefarious activities have wreaked havoc on many organizations.
Improved Microsoft 365 Security
BSC Solutions Group recently implemented improved Microsoft 365 security for our business clients in a number of ways*. Here are 5 of them:
1. New software tools send alerts to our support team about real-time threats detected against any of our clients’ Microsoft 365 accounts. Examples of activities that would generate alerts are:
- A change in mail-forwarding rules or user permissions would be considered potentially suspicious.
- An account login from another country that the user is not located in
- Multiple account logins over a short period of time from locations that are geographically far apart and therefore impossible.
2. A regular automated audit process provides us with recommendations about further securing each of the Microsoft 365 Tenant accounts that we manage for our clients.
3. We now monitor any changes made to the Microsoft environment for our client tenant accounts, to ensure that any changes are authorized ones.
4. We are able to run a report that tracks which accounts are protected by Multi-factor Authentication (MFA) and by which methods. This will identify users who may need assistance with implementing MFA.
5. If a serious security incident were to occur, we can quickly lock one or multiple accounts, reset passwords and block sign-in.
Many other Microsoft 365 security best practices continue to be in place to protect our clients’ accounts as much as possible.
Recommendation
We recommend you ensure your IT support team is taking these extra measures to protect your Microsoft 365 accounts. If not, give us a call to talk about what we can do to improve your organization’s cybersecurity.
* These added protections are now automatically included for our Comprehensive Support Agreement Clients.