Is Your Microsoft 365 Account Suffering From Security Misconfiguration?

Is Your Microsoft 365 Account Suffering From Security Misconfiguration?

Have you edited your Microsoft 365 business account security settings, or did you just leave them at the defaults?

Too many businesses don’t understand where or how to update security configurations in the platform or even that they need to. This can lead to data breaches due to misconfiguration, which is a rising problem when it comes to cybersecurity.

70% of companies have suffered a public cloud data breach within the last year.

Misconfiguration is when security settings are not set strongly enough in a cloud application. Because of the increased reliance on cloud services, misconfiguration is one of the major causes of ransomware and other malware infections and compromised cloud accounts.  

In a survey of IT security professionals, misconfiguration was named as the #1 threat to cloud security. Ensure you don’t allow this type of vulnerability to cause a major security incident at your Fresno area business. Get the help you need to secure your Microsoft 365 account.

If you aren’t sure where to start with securing your account, we have several tips below to help.

Set Up Multi-Factor Authentication

The first and most impactful security setting you can put in place is to enable multi-factor authentication (MFA) for all your users. This can reduce account takeovers by 99.9%

Enabling MFA means that users will be prompted to add a device to their account that can receive the MFA code. Then, when they login and enter their username and password into Microsoft 365, they’ll be sent a time-sensitive one-time use code to enter.

This blocks fraudulent sign-in attempts because hackers will not generally have access to the physical device that receives the MFA code.

Turn on Malware Attachment Blocking

Phishing scams often use malicious attachments. As soon as users open them, they can infect a system with ransomware, spyware, or another type of malware.

You can boost your email protections in Microsoft 365 by turning on a setting to block file attachments that are commonly known to be used for malware in phishing attacks.

To do this:

  • Sign in as an admin at https://protection.office.com
  • In the Security & Compliance Center, under Threat Management, choose Policy > Anti-Malware
  • Find the default company-wide policy and double-click to edit
  • Choose Settings
  • Find the Common Attachment Types Filter and turn it to On
  • Select Save

You can further increase security by adding more blocked file types to the list you’ll find when you turn this setting on. Here are several that Microsoft recommends: ade, adp, ani, bas, bat, chm, cmd, com, cpl, crt, hlp, ht, hta, inf, ins, isp, job, js, jse, lnk, mda, mdb, mde, mdz, msc, msi, msp, mst, pcd, reg, scr, sct, shs, url, vb, vbe, vbs, wsc, wsf, wsh, exe, pif.

Stop Giving Everyone Admin Privileges

If you’re not already, you want to be using the “Rule of Least Privilege” in any cloud platform you use, including Microsoft 365. This means giving users the lowest privileges possible for them to do their work.

Microsoft 365 allows you to go a step further, so you don’t have to grant admin privileges to employee accounts. Instead, you can set up a dedicated global admin account for users to use when doing administrative tasks only.

You do not have to purchase an additional user license for this dedicated global admin account. It will keep your account more secure by:

  • Reducing the number of accounts that have administrative privileges
  • Reducing risk because the dedicated admin account isn’t used for email
  • Using an account that most likely will not have a reused password, as many employee accounts have

Increase Ransomware Protection By Warning Users of Macros

Office files are increasingly being used by cybercriminals as a delivery method for ransomware and malware. A new report released in July 2020 showed that Office documents now make up 22.4% of all malicious file types.

Hackers will use the macro feature to autorun malicious programs as soon as the file is opened. Users often trust Word, Excel and other Office files because they tend to work with them every day.

You can warn your users before they open a macro-enabled Office file by setting up a mail policy.

To do this:

  • Go the Exchange admin center
  • Select “rules” in the mail flow category
  • Click “+” to create a new rule
  • Go to the bottom of the dialog box and click to open more options
  • You’ll want to apply the following options below, and then click “save.”

Options to set your rule:

  1. Setting: Warn users before opening attachments of Office files
  2. Name: Anti-ransomware rule: warn users
  3. Apply rule if: Any attachment matches a certain file extension type
  4. Specify these extensions: dotm, docm, xlsm, sltm, xla, xlam, xll, pptm, potm, ppam, ppsm, sldm
  5. Do the following: Prepend a disclaimer
  6. Add message text: For example, “Do not open these types of files unless you were expecting them. They can contain malicious code.”

How Secure are Your Cloud Business Tools?

Unity IT can help your Fresno area business ensure that none of your cloud accounts are suffering from misconfiguration, and put the settings in place you need for solid security. 

Contact us today to schedule a technology consultation at 559-297-1007 or reach out online.