Security for Microsoft 365

One of an organisation's most valuable asset is its data. Failure to protect it can result in catastrophic consequences. With more data, on more devices, coming from more places, Internal IT teams are finding it increasingly difficult to secure critical company data in the burgeoning threat landscape.

Barely a week goes by without media coverage of a severe organisational data breach. The immediate damage can be a significant loss of profits and a steep fall in productivity, as well as the reputational damage and loss of trust that ensues. Studies indicate in the longer term, organisations that experience data breaches significantly underperform the market in the following 36 months or in many cases cease operations entirely. 

Business Benefits

  • Multi-Faceted Security: By adding authentication methods that can't be guessed such as mobile device authentication and biometrics, risk of malicious logins, social engineering attacks and elaborate phishing techniques is mitigated. 
  • Simplicity: MFA allows businesses to provide a highly secure log in process, that is simple for end-users while at the same time being extremely difficult to compromise.
  • Achieve Compliance: MFA is an increasingly prevalent requirement in organisational security standards. Scope of compliance in these standards applies to both the organisation applying and its business partners. 
  • Built-in AI: Detect, analyse and automatically respond to real threats quickly with AI. Powered by machine learning, Azure Sentinels AI feature investigates trillions of security breaches - daily. Deep Investigation: Azure Sentinel's threat investigation feature deeply analyses and detects threats, which can be filtered by criteria. Search and query integration allows administrators to easily navigate large pools of threat data. 

365 Security Solution

OneNet Solution

While it is never possible to guarantee an organisation’s information security, there are key, targeted strategies which can be implemented to significantly mitigate risks and allow for rapid response in the event of a (suspected) compromise. OneNet’s Security For 365 solution focuses on two of the primarily exploited weaknesses in an organisations security posture – identity and email.

Your staff’s Identity (credentials) are the entry point to your organisations applications and data. Maintaining the security and integrity of users identities, without burdensome and complex security requirements, is key to meeting the balance of secure and simple access to enable staff productivity and collaboration. OneNet’s managed solution is based on a suite of Microsoft services including Multi-Factor Authentication which is a key tool to assist ensuring that the person accessing your environment is the person they say they are. MFA is a proven method for significantly increasing an organisations security posture and reducing security incidents.

Email is likely one of the most common ways that people outside your organisation interact with people inside your organisation. Because of this, it is one of the most commonly exploited entry points for vulnerabilities to access your network. Prevention is one part of the solution, however due to the human component, being able to rapidly identify and respond to (suspected) malicious activity is key. OneNet managed solution utilises Microsoft’s Azure Sentinel (Security Incident Event Management) service to collect and analyse data from your Office 365 environment and uses AI and Machines Learning to rapidly identify and respond to security incidents. Where necessary, alerts are automatically escalated and responded to by OneNet’s trained security response team.

Technical Solution

Multi-factor authentication is a process where a user is prompted during the sign-in process for an additional form of identification, such as to enter a code on their cellphone or to provide a fingerprint scan.

If you only use a password to authenticate a user, it leaves an insecure vector for attack. If the password is weak or has been exposed elsewhere, is it really the user signing in with the username and password, or is it an attacker? When you require a second form of authentication, security is increased as this additional factor isn't something that's easy for an attacker to obtain or duplicate.

 Azure Multi-Factor Authentication works by requiring two or more of the following authentication methods:

  • Something you know, typically a password.
  • Something you have, such as a trusted device that is not easily duplicated, like a phone or hardware key.
  • Something you are - biometrics like a fingerprint or face scan.

Users can register themselves for both self-service password reset and Azure Multi-Factor Authentication in one step to simplify the onboarding experience. Administrators can define what forms of secondary authentication can be used. Azure Multi-Factor Authentication can also be required when users perform a self-service password reset to further secure that process.

 

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Azure Sentinel provides a birds-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution timeframes.

  • Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds. 
  • Detect previously undetected threats, and minimize false positives using Microsoft's analytics and unparalleled threat intelligence. 
  • Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cybersecurity work at Microsoft. 
  • Respond to incidents rapidly with built-in orchestration and automation of common tasks.