Full protection against Phishing and Zero-Day Malware
Here at Tech Success, we take security in the cloud and on-premises very seriously. In the last decade, statistics have shown that more than 90% of targeted attacks start with email. Email is the number one form of communication in the corporate world and has also become a repository for important and sensitive company data. For example, if someone were to gain unauthorised access to your mailbox, information such as usernames and passwords, credit card information, employee payslips, bank transaction statements, and a lot more would be leaked.
These threats and attacks are always evolving, becoming more sophisticated and difficult to detect. As a result, your Office 365 security posture must be strengthened to keep up with these changes. It is for these reasons that we’re taking a “no compromise” approach to ensure that security in terms of monitoring, protection and prevention is applied to:
1- User accounts that are accessing company data that Tech Success manages.
2- Backend environment where the data resides and is accessed from, e.g. SharePoint, Exchange Online, etc.
3- Applications used to access and retrieve the data e.g. Outlook, Browser, Excel, OneDrive, 3PA, etc.
4- Systems (e.g. computers, mobile devices) that have the applications that are used to access the data.
Conditional Access
Australia is the most cyber-attacked nation in Australasia. According to a 2018 study from Cisco, 90% of companies reported over 5000 cyber threats per day.
With conditional access, we’ll control how authorized users access cloud apps. For instance, when coupled with MFA, a conditional access policy can enforce MFA on users when accessing company resources from outside the office network. This prevents unauthorised parties from gaining access to your data with simply a username and password. We can also set conditions on the type of devices and apps used to access data. The Baseline end user protection policy will also be enabled. This policy protects users by requiring multi-factor authentication (MFA) during risky sign-in attempts to all Office 365 applications. Users with leaked credentials are blocked from signing in until a password reset. This feature requires 1x Azure Active Directory Premium license to be assigned to the global admin account only.
Cloud App Security (Advanced Alerts)
With Office 365 Cloud App Security, we can set up notifications of triggered alerts for atypical or suspicious activities, see how your organisation's data in Office 365 is accessed and used, suspend user accounts exhibiting suspicious activity, and require users to log back in to Office 365 apps after an alert has been triggered. You can also add other 3rd party cloud solutions to Cloud App Security to monitor and alert (see a screenshot of the list).
Further information can be found here: https://docs.microsoft.com/en-us/cloud-app-security/what-is-cloud-app-security. This feature requires 1x Microsoft Cloud App Security license to be assigned to the global admin account only.
ATP is a government-grade security solution which simply connects to the Office 365 suite with unique cloud technology for an extra layer of protection that blocks Australasian cyber-attacks that are designed to bypass the standard security practices.
Data Loss Prevention (DLP)
To comply with business standards and industry regulations, organizations must protect sensitive information and prevent its inadvertent disclosure. Sensitive information can include financial data or personally identifiable information (PII) such as credit card numbers, social security numbers, or health records. With a data loss prevention (DLP) policy in the Office 365 Security & Compliance Centre, you can identify, monitor, and automatically protect sensitive information across Office 365 from being leaked intentionally or unintentionally by staff.
With a DLP policy, we:
- Identify sensitive information across many locations, such as Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams.
- Prevent the accidental sharing of sensitive information.
- Monitor and protect sensitive information in the desktop versions of Excel, PowerPoint, and Word.
- Help users learn how to stay compliant without interrupting their workflow.
- View DLP reports showing content that matches your organization's DLP policies.
You can continue to read more about DLP here https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies
This requires an E3 or E5 license per user per month. Note that this replaces existing Business Essentials and Business Premium licenses. It also involves a reinstallation of Office apps on workstations and mobile devices.
Microsoft Advanced Threat Protection (ATP)
Office 365 Advanced Threat Protection (ATP) will safeguard your organisation against malicious threats posed by email messages, links (URLs) and collaboration tools. More info here https://products.office.com/en-au/exchange/advance-threat-protection
ATP implementation will involve:
- ATP Safe Attachments - Provides full protection for your email system by checking email attachments for malicious content.
- ATP Safe Links - Provides time-of-click verification of URLs in email messages and Office files.
- ATP for SharePoint, OneDrive, and Microsoft Teams - protects your organisation when users collaborate and share files, by identifying and blocking malicious files in team sites and document libraries.
- ATP anti-phishing protection - Detects attempts to impersonate your users and custom domains. It applies machine learning models and advanced impersonation-detection algorithms to prevent phishing attacks.
- Attack Simulation (e.g. Phishing training) - this has already been elaborated. Refer to the user accounts section above.
- Reporting - schedule reviews of ATP reports to identify potential attacks and vulnerabilities in your organisation. For example, if reports show that a mailbox receives the most spam and malware-infected emails, we can increase the level of detection for that specific mailbox.
These features require an Advanced Threat Protection (ATP) Plan 1 license per user per month. Note that attack simulation and granular investigation and reporting only come with Plan 2.
Full Configuration of SPF & DMARC
We look to configure these records in your environment to further strengthen your Office 365 email security platform. This is applicable to you if you have 3rd party applications such as Salesforce and Mailchimp that send emails on your behalf using your domain in the From email address.
- SPF (Sender Policy Framework) - is a DNS TXT record that lists the mail servers allowed to send mail for a specific domain.
- DKIM (DomainKeys Identified Mail) - is instead a method to verify that a message's content is trustworthy, meaning that it wasn't changed after the message left the initial mail server.
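An added example (not Tech Success or Microsoft code) of checking an SPF record once third-party senders share the domain: it flags a second SPF record, a permissive `all` term, more than 10 DNS-lookup terms, and a sender missing from the record. The `*.example` include names are constructed placeholders for each vendor's published value, and lookups nested inside an include are not counted.

```python
import re

# Terms that each cost one DNS lookup; RFC 7208 caps the total at 10.
# Only top-level terms are counted here, not lookups nested inside an include.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
MAX_LOOKUPS = 10

def audit_spf(txt_records, required_includes=()):
    """Return findings for a domain's TXT records; an empty list means none."""
    spf = [r.lower() for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        # Zero records: no policy. Two or more: receivers return permerror.
        return [f"expected exactly one SPF record, found {len(spf)}"]
    findings, lookups, includes, all_qualifier = [], 0, set(), None
    for term in spf[0].split()[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        name = re.split(r"[:/=]", term, maxsplit=1)[0]
        if name in LOOKUP_TERMS:
            lookups += 1
        if name == "include":
            includes.add(term.partition(":")[2])
        elif name == "all":
            all_qualifier = qualifier
    if all_qualifier is None and "redirect=" not in spf[0]:
        findings.append("no terminating 'all' mechanism")
    elif all_qualifier in ("+", "?"):
        findings.append(f"'{all_qualifier}all' does not reject unlisted senders")
    if lookups > MAX_LOOKUPS:
        findings.append(f"{lookups} DNS-lookup terms exceed the limit of {MAX_LOOKUPS}")
    for sender in required_includes:
        if sender.lower() not in includes:
            findings.append(f"missing include:{sender}")
    return findings

# Constructed sample data: only spf.protection.outlook.com is a real include
# target; the two *.example names stand in for the third-party senders' values.
SENDERS = ("spf.protection.outlook.com", "spf.crm-vendor.example",
           "spf.newsletter-vendor.example")
GOOD = ["v=spf1 include:spf.protection.outlook.com include:spf.crm-vendor.example "
        "include:spf.newsletter-vendor.example -all"]
WEAK = ["v=spf1 include:spf.protection.outlook.com +all"]
SPLIT = ["v=spf1 include:spf.protection.outlook.com -all",
         "v=spf1 include:spf.newsletter-vendor.example -all"]

if __name__ == "__main__":
    for label, records in (("good", GOOD), ("weak", WEAK), ("split", SPLIT)):
        print(label, audit_spf(records, SENDERS))
```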
Sensitivity Labels
We look to implement sensitivity labels to work hand-in-hand with DLP to classify and help protect your sensitive content while making sure that your users' productivity and ability to collaborate isn’t hindered. For example, your users can apply a Confidential label to a document or email, and that label can encrypt the content and apply a Confidential watermark. You can read more about it here https://docs.microsoft.com/en-us/office365/securitycompliance/sensitivity-labels
This requires an E3 or E5 license per user per month.
Note that this replaces existing Business Essentials and Business Premium licenses. It also involves a reinstallation of Office apps on workstations and mobile devices.
Talk to an expert
We'd love the opportunity to sit with you and discuss technology and your business