How To Reduce Threat Of Ransomware In Microsoft 365

With the growing risk of businesses suffering a data breach, it makes sense to take advantage of the array of security tools in Microsoft 365 or at least sense check what your IT Support Team and those responsible for IT Strategy are proactively doing to reduce risk.

Cybersecurity has garnered attention with a growing number of high-profile data breaches in recent years. Although multinational companies are targeted by sponsored hackers at the top of their game, businesses of all sizes are under threat.

It is estimated that around 43% of cyberattacks target small businesses. Moreover, hacking is being offered as a service (HaaS). Various tools are available on the dark web.

In general, cybersecurity defences consist of data encryption, endpoint security tools and patch management. However, the traditional techniques are more complicated for companies with a distributed workforce.

The National Institute of Standards and Technology (NIST) report that over 18,000 vulnerabilities were discovered in software in 2021. However, the real failing is that vulnerabilities are not being addressed, either because a company has not identified the gateway or because firms are not tale precautionary action and enforcing security updates.

Protecting your business network from a data breach requires a multifaceted approach. For organisations with Microsoft 365 Business or Enterprise, there is a host of data protection tools at your disposal.

Microsoft 365 Secure Score

The best place to start with security analysis in Microsoft 365 is Secure Score in the Defender Portal. Here you will find indicators that determine the level of protection for apps, devices and infrastructure. You will also find recommendations showing you how to improve your security score.

Multi-factor authentication (MFA)

Multi-factor authentication doesn’t really need any introductions. And yes, MFA can sometimes feel like a pain in the proverbial but, trust us, it adds a valuable layer of protection to your security fence.

In the not-too-distant future, we expect to see more biometric MFAs. Biometrics of a fingerprint or retinal scan will be far easier and less annoying than the verification code solution. Most people already have their biometric data stored on their phone to laptop anyway.

Mobile Device Management (MDM) 

The increase in remote working means your employees are accessing your business network on their personal devices. This is likely to be the case even if you haven’t formally launched a Your Own Device (BYOD) scheme.

Microsoft’s built-in MDM combines six different tools that give you more control over which devices are permitted access to your business network. In addition to the security technology, administrators can set permissions to limit the number of access points individuals have within the network or an app from remote locations.

Advanced Email Threat Protection (ATD)

It is thought around 96% of cyber attacks start with an email. Cybercriminals try to prompt or trick recipients into clicking a malicious link or downloading an attachment.

Microsoft’s native threat protection for Office 365 scans emails for code and techniques that are known to be used in cyber attacks. This prevents the emails from reaching your employees’ inbox in the first place, effectively removing the risk in the first instance.

Microsoft 365 Encrypted Emails 

Outgoing emails arguably pose more risk of a security threat than incoming emails. If you’re sharing sensitive data such as email addresses, credit card details, social security numbers, or health records, you put your customers at risk of a data breach.

For example, Gloucester police were fined £80,000 by the Information Commissioner’s Office when an email was sent to multiple recipients because an administrator inadvertently placed all the email addresses of recipients in the cc column instead of the bcc column.

Emails can also be intercepted by hackers. Microsoft 365 can encrypt emails so the contents can only be viewed by the intended recipient safeguarding you against data loss. Use the email templates or customise DLP policies to suit your needs.

Azure Identity Protection 

Azure, Microsoft’s cloud server, uses machine learning to identify unusual activity such as someone trying to log in from a different location or flag up multiple login attempts in a short space of time.

When suspicious activity is detected, it locks out the user. Whilst this can be annoying for employees that forget their password when attempting to login from a location they don’t ordinarily go – like if they move house or travel for business purposes – the sign-in can be shut down. An administrator would then have to reset the password.

Permissions 

To safeguard sensitive data, it’s good practice to only allow access to personnel that need the information to perform a function. Setting permissions determines who can access a particular file or app.

For example, only members of the accounts team can access spreadsheets and apps used for accounting purposes. C-suite executives can only access top-secret files.

Activate Anti-Phishing Protection

Its good practice to store sensitive data in protected environments and limit access. Anti-phishing protection for Microsoft 365 blocks attempted cyberattacks from accessing custom domains.

You activate anti-phishing protection via the Microsoft 365 Defender Portal by navigating to Email & collaboration>Policies & rules>Threat policies>Anti-phishing>Create. All you need to do then is add the name, write a description and select the relevant settings. Then press save. Job done.

Enterprise Mobility + Security

Companies that deploy a remote workforce are most at risk from unsecured personal devices. To significantly reduce the risk, Microsoft 365 offers an additional security option that combines Azure Active Directory, Rights Management, InTune, and Threat Analytics.

If the add-on service is not in your budget range, the alternative is to install employee devices with anti-virus software, automated application updates and enforce multi-factor authentication.

Microsoft 365 Cybersecurity Awareness Training

Microsoft 365 cannot provide your staff with cybersecurity training, but your staff can be given cybersecurity awareness training for Microsoft 365. If employees are alert to the threat of cyberattacks and know how to identify and deal with them, you significantly reduce the risk of suffering a data breach.

Our experienced specialists offer IT security training covering topics such as:

• how to recognise phishing attacks
• what to do if you suspect a threat
• what is a strong password and what is not
• the importance of updates to protect devices

We also recommend taking advantage of our patch management services to ensure that all the software on your business network is updated promptly and with the least amount of disruption to your employees.

The most impactful thing you can do right now is to stop and think. Schedule an hour with your senior team and your IT Partner to talk about and sense check your current systems and processes. This could quite possibly be the most important thing you do this year. If you don’t have an IT support team or have lost faith in their ability, or just want to be sure what they suggest makes sense, then give our Team at Micro Pro a call for some impartial advice.