5 best practices for remote workforce office 365 security
TRANSCRIPT
remote workforceOffice 365 security
best practices for
www.manageengine.com/active-directory-360/1
Table of contents
Introduction
Office 365 security challenges with extended remote working model
5 best practices to ensure long-term Office 365 security
Close the security awareness gap
Be vigilant about email-borne threats
OneDrive for Business auditing
Enable alerts for suspicious activities occurring in Office 365
Enabling MFA for Office 365 user accounts
2
2
3
4
4
5
6
7
Introduction
Office 365 security challenges in extendingremote working model
Due to the coronavirus outbreak, businesses around the world have shifted the majority of their workforce to the safety of their homes. Initially, this move was perceived to be a huge drawback as it was believed to disrupt business continuity. Contrary to this premature notion, many businesses are now trying to make remote working permanent for their employees with a main reason being cost-cutting, warranted by the economic impact of the coronavirus outbreak.
However, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recommends organizations to not rush into this decision without securing their platforms.
In this e-book, we will talk about securing Office 365 platform while you adopt remote working model in a long run, and review five best practices to ensure long-term Office 365 security for your organization using AD360, ManageEngine's Office 365 reporting, auditing, management, and monitoring solution.
According to Gartner's recent survey, 74 percent of companies believe that at least some of their workforce will be positioned to work from home permanently. However, the CISA has observed that, remote working policies that have been mandated on an unprecedented scale, has led to hasty deployments of cloud-based collaboration suits, such as Office 365. Hence, the decision to extend these policies permanently can lead to oversights in security configurations. On top of this, businesses with shaky security postures are further challenged with adopting long-term remote working policies.
Hence, if you are looking to extend remote work policies in your organization, following are five best practices that can help you ensure maximum Office 365 security in the long run without any hiccups.
www.manageengine.com/active-directory-360/2
www.manageengine.com/active-directory-360/3
best practices for long-term
Office 365 security
1Close the security
awareness gap
2Be vigilant
about email-bornethreats
3OneDrive fo
Business auditing 4Enable alerts
for suspiciousactivities occurring
in Office 365
5Enabling
MFAfor Office 365user accounts
Close thesecurityawarenessgap
1. Before all else, ensure that you train your employees well on security controls, with the help of cybersecurity awareness programs.
This is because when employees were positioned inside the physical confines of their corporate perimeter, majority of the cybersecurity burden would fall on the IT administrators. However, since employees are now shifted to work remotely, the tables have turned.
Since, the IT personnel are not at their vicinity, it is crucial for employees to act responsibly by following all necessary security practices starting from using a stronger password to not falling for a phishing bait.
www.manageengine.com/active-directory-360/4
Be vigilantaboutemail-bornethreats
2. Email-borne threats are not new. They have always been on the rise. According to the FBI, Business Email Compromise (BEC) attacks, popular email related cyberattacks, have alone accounted for more than half the reported losses due to cyberattacks last year—a hundred percent increase from the year before.
Especially at a time like this, where employees are miles apart from each other, the onus falls on email communications to coordinate work among disparate teams. The hackers are savvy-enough to capitalize on this situation for their own financial gains by launching email related attacks.
The FBI have also issues a public service announcement in which it revealed that it is anticipating BEC attacks related to the COVID-19 crisis to rise. Hence, it is crucial to have security practices in place to detect and mitigate such threats through proactive remedial measures.
With AD360's pattern-based content search feature, inbound and outbound emails containing personally identifiable information (PII) can be easily identified. You can also create content search profiles for keywords frequently used in fraudulent emails, and configure alerts to notify you when emails matching the search profile are sent or received by your employees. AD360 also generates reports on your organization's Office 365 mailbox traffic which includes reports on:
Mail traffic summary
Email activity
Top sender
Top receiver
Top spam recipients
Top malware recipients
Detailed Mail traffic
Insights from these reports help IT admins effectively identify any malicious anomalies in email activity. You can also schedule these reports to run at fixed intervals, be emailed to administrators, and be exported to multiple formats, such as CSV, XLS, PDF, or HTML.
www.manageengine.com/active-directory-360/5
OneDrive forBusinessauditing
3. Many organizations store business critical information—such as HR data, customer data, and financial records—on OneDrive for Business. Hence, it is essential to know how this data is handled in your organization.
With AD360, you can keep a close eye on activities performed on your data by monitoring file and file sharing activities, as well as sync activities in your OneDrive for Business environment.
OneDrive files and folders: Files and folders
accessed, updated, deleted, restored, downloaded,
moved, modified, and more.
OneDrive sharing: Sharing invitations, accepted
and rejected access requests, created, accepted,
and deleted file-sharing activities, and more.
OneDrive sync: Allowed and blocked computers to
sync files, downloaded files to computer, uploaded
files to document library, and more.
www.manageengine.com/active-directory-360/6
Enablealerts forsuspiciousactivitiesoccurring inOffice 365
4. With employees working from the comfort of their homes, with access to business-critical data, the risk of exposure of this data also increases proportionately. This makes it easier for any data exfiltration attempts to happen — either deliberately or accidentally. In any case, you should be the first one to be notified. Hence, it is imperative to have appropriate security measures in place to be notified about suspicious activities that need immediate attention. With AD360 you can configure real-time email notifications for any suspicious activity. This helps in early detection of threats that can potentially snowball into security disasters. You can create alert profiles and configure them to send custom messages to administrators when an undesired action occurs inside your Office 365 setup. You can get the information on the severity of the action that triggered the alert, the user who performed the action, the time it occurred, and more.
With employees working from the comfort of their homes, with access to business-critical data, the risk of exposure of this data also increases proportionately. This makes it easier for any data exfiltration attempts to happen — either deliberately or accidentally. In any case, you should be the first one to be notified. Hence, it is imperative to have appropriate security measures in place to be notified about suspicious activities that need immediate attention. With AD360 you can configure real-time email notifications for any suspicious activity. This helps in early detection of threats that can potentially snowball into security disasters. You can create alert profiles and configure them to send custom messages to administrators when an undesired action occurs inside your Office 365 setup. You can get the information on the severity of the action that triggered the alert, the user who performed the action, the time it occurred, and more.
Receiving an authentication code via text.
Receiving an authentication code via phone call on a mobile or office number.
Receiving a notification via an authentication app.
Viewing a one-time password (OTP) in an authentication app.
EnablingMFA forOffice 365useraccounts
5.
AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications, AD360 helps you perform all your IAM tasks with a simple, easy-to-use interface. With AD360, you can just choose the components you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments from within a single console.
For more information about AD360, please visit www.manageengine.com/ad360.