Over a million companies rely on the suite of services called Microsoft 365 for productivity.
Bundled apps and cloud-based tools like this one allow businesses and individuals the freedom to up- or download information from any location, accelerating the pace of business.
Microsoft 365 includes various frequently-used tools, including Outlook, OneDrive, Word, Excel, PowerPoint, OneNote, SharePoint, and Microsoft Teams.
Hackers looking to disrupt or hold business information for ransom often target cloud suites like this for vulnerabilities in several ways.
Each of the tools and services provided offers opportunities to explore security weaknesses, which has made Microsoft 365 a target of nefarious activity for several years.
Combining several techniques to weave together a less permeable barrier between your data and bad actors can be the best solution.
Start with Microsoft’s Defender app and ensure that your email is protected in the following ways for optimal security:
Table of Contents
1. MFA: Multifactor Authentication
Multifactor authentication adds a layer of security to the perennial problem of reused passwords.
By requiring employees and clients to improve once-lazy log-in habits, you’re reminding them of the importance of account security.
Social engineering hackers have worked hard to break through run-of-the-mill security measures, particularly by posing as IT professionals.
Inattentive and gullible employees or system users are likely to allow access to their desktops when a hacker claims to be testing the security or installing updates.
Reasons for multifactor authentication include:
- the high rate of hacked accounts,
- passwords may be easily guessed,
- user names are frequently the same as email addresses, and data breaches and social media have made vast amounts of personal information easy to find.
MFA requires multiple steps to enter an account, starting with the username and password. For security, an additional step is required using one or more of the following:
- a secure authenticator app that is accessed via the account holder’s phone,
- a multi-digit passcode texted to the account holder’s phone,
- a security token that generates a passcode during log-in, or
- a biometric identifier such as a fingerprint or retina scan.
2. Increase Malware Protection With Attachment Type Filtering
Hackers launch malware attacks through IP addresses or use bots to identify company email addresses with the same domain.
By flooding potential email users with requests and social engineering demands, they hope to find one who accidentally clicks on a link provided and downloads malware designed to spread within the domain.
Blocking entire attachment types, including executable files, is a solid first step in keeping hackers at bay.
Suppose companies can collect data on emails and isolate the sources of such phishing emails. In that case, IP lookups can also be used to block senders.
Here’s how to filter attachments:
- Using the MS Exchange (email) Admin Center, click on “mail flow” and select “create a new rule” from the drop-down menu.
- Name the rule (i.e., “blocked file types”) and go to the bottom of the page to “more options.”
- From here, select the types of file extensions to which the blocking rule should apply and whether the email should be quarantined or rejected.
3. Protect Against Ransomware Macros
Ransomware has been a colossal headache for large organizations like hospitals and universities with little control over individual users.
Macros are files that automatically execute when an attachment is opened. The ransomware unleashed by a macro is a type of malware that locks up files until a fee is paid, usually in untraceable cryptocurrency.
To launch these lucrative attacks, hackers often exploit the vulnerability of individual users with social engineering.
They use veiled and threatening language to prompt email recipients to open malware-containing attachments.
The best way to prevent ransomware macros from launching malware is to use Microsoft 365’s administrator function to disable all macros.
Educating system users about malware is another critical aspect of protection.
Understanding and adjusting attachment settings, as suggested by Microsoft Defender’s Attack Surface Reduction Rules, is key. Start with a high threshold and make adjustments according to user feedback when necessary.
4. Disable Auto-forwarding
It may not be apparent when hackers compromise an organization’s cloud software.
Good IT departments are always on the lookout for indications that their system has been infiltrated, and the sign may be as innocent as automatically-forwarded emails.
Reading emails is a way that malicious actors can gain information about an organization’s data and security settings without tipping their hands.
5. Enable Spoof Intelligence
Many techniques are used in hacking email, including pretending to be a legitimate system user or client, called spoofing.
Microsoft 365’s Exchange Online Protection and Defender systems enable administrators to analyze incoming emails automatically.
This filter may include an IP lookup tool to weed out fakes before they reach the intended recipient.
Users who receive warnings about potentially dangerous emails can provide feedback on the filter results to fine-tune the permissions.
Look for suspicious activity on the Alerts page of the administrator dashboard.
6. Use Office Message Encryption
IT managers should prioritize the latest email security options, including different encryption methods.
By upgrading to the E3 level, Microsoft Office 365 offers several opportunities to protect data in transit, including:
- setting rules for messages and attachments, such as preventing forwarding;
- providing secure, one-time passcodes for recipients to read emails on common platforms like Yahoo and Gmail, and
- authentication without the need for cumbersome certificates.
7. Report to Microsoft
Email and system security is an ever-evolving process.
By analyzing user experiences, Microsoft can identify and head off threats with new security patches.
Both admin-level and ordinary users may send reports directly to Microsoft to alert them to new threats or flaws in the email filtering process.
Protect Yourself from Cyber Attacks
Over $145 billion is spent worldwide on cybersecurity each year. In 2020 hackers stole $945 billion through cybercrime, partly due to the number of people working from home during the pandemic.
Some data is stolen by sophisticated packet-sniffing bots that scour the web for vulnerabilities when data is transmitted online.
However, exploiting the human factor, such as tricking people through phishing emails, remains a significant vulnerability.
That means IT professionals must be on top of setting permissions and tweaking filters to stay a step ahead of email hackers.
Author Bio: Ben is a Web Operations Executive at InfoTracer who takes a wide view from the whole system. He authors guides on entire security posture, both physical and cyber.