![]() Limit Number of Global Administrator Accounts – The number of global administrators should be kept to a minimum so there are a limited number of accounts with superuser privileges. A breach of a privileged role account could lead to a complete compromise of the Office 365 environment.Ģ. If you cannot enable MFA for all users, at a minimum it should be enabled for all Azure Active Directory privileged roles. The most common Office 365 MFA combination is (1) a user password and (2) confirmation of access to a specific mobile device. ![]() MFA requires multiple types of authentication (e.g., something you know plus something you have) to establish user identity. Implement Multi -F actor A uthentication (MFA) for Privileged Roles – the best way to protect against account compromise is to enforce multi-factor authentication for all users in your environment. SecureSky’s 12 foundational security controls for Office 365 environments are:ġ. If you are familiar with Office 365 security, a number of these foundational controls will not be unexpected – many of the most critical steps to take for Office 365 security are well-known and documented by Microsoft and other organizations, like the Center for Internet Security. Surprisingly, in delivering SecureSky’s cloud security posture management and incident response services, we find few organizations that have even these 12 basic controls fully implemented. H igher - level licensing in Office 365 ( for example E3, E5 Security or additional add-ons) provides even more security functionality to protect Office environments, however none of the controls listed here require any such advanced licensing. While every Office 365 environment has unique attributes, and organizations utilize Office 365 capabilities in different ways, these foundational security controls are essential for security in any organization. ![]() The numbers in this cyber-attack lifecycle illustration correspond to the 12 foundational security controls and indicate the primary stage of a cyber attack in which the security control disrupts the cyber-criminal objectives.Ĭyber Kill Chain ® developed by Lockheed Martin The diagram below illustrates how the security configuration controls can disrupt the sequence of steps used by cyber - criminals to compromise office 365 environments. This blog post presents 12 foundational security controls that should be implemented for every Office 365 environment to deter business email compromise (BEC), account takeover (ATO) attacks, and unauthorized data access. Please note Microsoft continues to evolve their platform and these recommendations are current as of this posting. ” Th e following post is intended to help organizations that may have recently begun using or have increas ed their usage of Office 365. As many organizations continu e to adjust to an extended and potentially permanent remote workforce, dependency on cloud services has increased rapidly – as Microsoft CEO Satya Nadella stated in a recent earnings release – “We’ve seen two years ’ worth of digital transformation in two mont hs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |