sharepoint – Objective Technologies

Addressing the security challenges Microsoft 365 users face

Objective — Wed, 29 Jun 2022 20:00:14 +0000

Microsoft 365 is one of the most popular suites of cloud-based tools and services used by businesses of all sizes. But while it offers robust security measures, the evolving cyberthreat landscape relentlessly puts Microsoft 365 users at risk. This is why Microsoft is constantly looking for ways to address security issues so that your IT environment and data are protected. In this blog post, we will discuss some of the most common Microsoft 365 security risks and how you can keep your business protected.

Infected file synchronization

Like most cloud services, Microsoft 365 allows users to automatically sync files stored on their devices to the cloud, such as in OneDrive. However, this useful feature is not without security risks. If a locally stored file is infected with malware, OneDrive will view the file as changed/updated and trigger a sync to the OneDrive cloud, with the infection going undetected.

Microsoft Defender for Cloud Apps is a great tool against malware infection. Part of Microsoft 365 Defender, this app is designed to enhance protections for Office 365 apps. It also provides great visibility into user activity to improve incident response efforts. Make sure your organization’s security administrators set this up on your systems so you can detect and mitigate cyber risks as soon as they arise.

Security risks in dormant applications

Some organizations using Microsoft 365 often don’t use all the tools and services included in the productivity suite. For instance, your organization might use programs like Word, Excel, and SharePoint every day, but rarely use OneDrive. Unfortunately, dormant applications may be prone to attack. To counter this, it’s crucial to identify unused apps and have an administrator tweak user settings to restrict availability on these apps.

Unprotected communication channels

Phishing attacks and malware are two of the most common ways cybercriminals infiltrate a system, but there are other paths of attack that you may not be aware of. Microsoft 365 applications like Microsoft Teams, which can connect to external networks, may serve as a medium for ransomware and other types of cyberattacks.

To fight against such threats, train your staff in identifying potentially malicious files and links. You can also offer guidelines on how to handle and route sensitive files and communications to safe locations.

Vulnerabilities in SharePoint

Businesses typically use SharePoint to store sensitive information like personally identifiable data, so failing to secure SharePoint content against unauthorized users is one way to expose data and your business to cyberthreats. This can be disastrous for companies that are required to comply with stringent data privacy and protection regulations. Failure to comply may result in serious consequences not only for businesses but their customers as well.

To prevent this, limit administrator-level privileges and enable encryption. Additionally, set the necessary security restrictions per user for every application. This ensures that users and hackers who get a hold of user credentials cannot exploit or misuse privileges.

Microsoft 365 provides a powerful and convenient tool for businesses. However, as long as cybercriminals exist, there are always security risks to be aware of. If you have any questions about Microsoft 365 security or would like help in implementing these tips, our team of experts would be happy to assist you. Contact us today!

Published with permission from TechAdvisory.org. Source.

Microsoft 365 security pain points and how to solve them

Objective — Mon, 03 May 2021 20:00:25 +0000

Many businesses prefer Microsoft 365 not only because of its powerful features and cost-saving benefits, but also because of its world-class security. However, the cyberthreat landscape is constantly evolving, so using this suite of cloud-based tools and services will always come with security challenges. Fortunately, Microsoft is continuously looking for ways to address these issues to ensure that your environment and data are protected.

Vulnerabilities in SharePoint

Businesses typically use SharePoint Online and on-premises SharePoint sites to store sensitive information like personally identifiable data. Failing to secure SharePoint content against unauthorized users is one way to expose data and your business to malicious actors. This can be critical for companies that are required to comply with stringent data privacy and protection regulations and may face serious consequences for noncompliance.

To prevent this, limit administrator-level privileges and enable encryption. Additionally, set the necessary security restrictions per user for every application.

Unprotected communication channels

Phishing attacks and malware are two of the most common ways cybercriminals infiltrate a system, but there are other paths of attack. Microsoft 365 applications like Microsoft Teams, which can connect to external networks, may serve as a medium for ransomware and other types of attack.

Train your staff to identify potentially malicious files and links. Also, offer guidelines on how to handle and route sensitive files and communication to safe locations.

Security risks in dormant applications

Organizations using Microsoft 365 often won’t use all the tools and services included in the productivity suite. You may use one or several programs like Word, Excel, and SharePoint but rarely use OneDrive. If your business has been utilizing specific programs, note that some dormant applications may be prone to attack. This is why it’s crucial to identify the apps that aren’t being used, and have an administrator tweak user settings to restrict availability on such apps.

File synchronization

Like most cloud services, Microsoft 365 allows users to automatically sync on-premises files to the cloud, such as in OneDrive. This useful feature is not without security risks, however. If a file stored locally is infected with malware, OneDrive will view the file as changed/updated and trigger a sync to the OneDrive cloud, with the infection going undetected.

Office 365 Cloud App Security, a subset of Microsoft Cloud App Security, is designed to enhance protections for Office 365 apps and provide great visibility into user activity to improve incident response efforts. Make sure your organization’s security administrators set it up on your systems so you can detect and mitigate cyber risks as soon as possible.

Cybercriminals will continue to sharpen their hacking techniques, and your organization must keep up to protect your systems, apps, and devices. Call our team of IT experts now if you want to strengthen your business IT security.

Published with permission from TechAdvisory.org. Source.

Which Microsoft 365 plan is the right one for you?

Objective — Mon, 12 Apr 2021 20:00:57 +0000

The award-winning productivity suite Microsoft 365 comes in several different packages to suit the budgets and needs of various types of businesses. Read on to learn which one is best for your company.

Information workers or frontline workers?

Microsoft 365 is the obvious choice if you’re running cloud-based business systems, but the main question is which suite will serve your needs best. Microsoft has packaged their Microsoft 365 offerings to fall under two types of bundles: Information Worker plans and Frontline Worker plans. Both of these plans will give you access to Office 365 and file hosting service OneDrive, but there are significant differences between the two.

Under the Information Worker suite, there are two Microsoft 365 plans you can customize as per your needs: E3 and E5. You can expand said suite with specific service sets your business needs, such as a standalone Office 365 system, Enterprise Mobility + Security tools, and even sets of the Windows 10 operating system. Meanwhile, the Frontline Worker suite (F1, F3, and F5) is more compact, with Office 365 F3 being the only available add-on.

Microsoft 365 E3 and E5 plans have unlimited archive and mail storage space. They also come with advanced analytics tools such as Delve, MyAnalytics, and PowerBI, all of which are unavailable on the Frontliner plans. Information Worker plans also include access management, threat protection, endpoint management, and other advanced tools absent in the Frontline Worker suite.

In terms of SharePoint, a collaborative platform and document and storage system, Frontline Worker plans are short on enterprise search, Excel services, and Visio — a diagramming and vector graphics app — features. Frontline Worker plans also do not have unified communications.

With these points in mind, it may seem like Information Worker subscriptions are superior — and in many ways, they are — but Frontline Worker plans are more suited for smaller companies running on a tight budget. Microsoft 365 F1 and F3 cost $2.25 and $8 per user per month, respectively, while Office 365 plans E1, E3, and E5 cost $8, $20, and $35 per user per month, respectively.

As a general rule, only consider subscribing to the Information Worker plans when your employee headcount exceeds 50 people and users require more storage space solutions and advanced analytics. Otherwise, Frontline Worker plans should suffice.

E3 or E5

Once you’ve decided to go for the Microsoft 365 Information Worker plans, you need to choose which plan (E3 or E5) suits your business requirements.

E3 offers basic solutions, such as Outlook, Word, OneNote, PowerPoint, and Excel for $32 per month. It also provides access to SharePoint Team sites, video conferencing, and Yammer for social media for businesses.

E5, on the other hand, provides all E3 features together with unified communications, PowerBI, Microsoft Defender, Application Guard, and Safe Documents. It also comes with more cloud security tools, risk-based conditional access, privileged identity management, and both automatic and machine learning-based sensitivity labels. E5 costs $57 per month.

Small- and medium-sized businesses often select E3 and subscribe to third-party applications for their cloud security and VoIP needs. But for more robust data management and security requirements, the E5 plan is the way to go.

Migrating to Microsoft 365 is not an overnight task, and if you’re still undecided about which plan to opt for, contact us today. We won’t just provide Microsoft 365; we’ll also assess your business to find the best plan that fits your budget and business goals.

Published with permission from TechAdvisory.org. Source.