Office 365 is one of the better business services to come out of the cloud services era. The days of managing exchange servers in house are happily gone, the thankless job it was…
Now that it’s out of your opex you need to know and should be monitoring for the following “features” Microsoft has enabled on the platform. The benefits still outweigh the risks but these are some basic informational steps you can take to reduce your organizations exposure.
- Any IT admin with administrator permissions can assign ANYONE admin access to all mailboxes. Need proof? Here’s the article from Microsoft with instructions! – This means ALL the CEO, CFO, COO’s emails can be read without them ever knowing about it. You should check for this vulnerability daily (hourly with the right tool) and alert when it’s detected. – If you’re not sure where to stare to monitor for this, contact us!
- Data Leakage right out of the box. Users can access SharePoint and one drive from home. Have a policy set for this.
- Check your Office 365 Security Score here. Make this checkup a monthly or at least quarterly check! This is a rating for a critical part of your organizations information use it, protect yourself. – We can help if you’re not sure where to start.
These are some basic steps to take that can start a good security strategy for your O365 cloud services. These are real problems not smoke, take action and monitor for these problems after resolving.