Earlier this year, technology researchers exposed a vulnerability in the way that Office 365 handled federated identities with SAML. This security flaw left hackers with ready access to user accounts and data. As a result, Office 365 users, including major companies such as British Airways, Vodafone, and Verizon, were left at the mercy of attackers. While Microsoft was quick to address this recent security vulnerability, the incident underscores the importance of cyber security, even for Office 365 users. Office 365 may not offer ample cyber security features to protect modern businesses, yet many corporations rely solely on Office 365 to stay safe. Take a minute to review your enterprise cyber security, and the limitations of Office 365, in lieu of security flaws that have come to light.
In the SAML issue, attackers could use cross domain authentication bypass to gain total access to an enterprise’s Microsoft 365 account. This meant that attackers could bypass authentication to view all emails, all documents stored in OneDrive, all meeting information kept in OneNote, and even Skype phone and video chat information. The level of access granted depended in the individual company’s Office 365 plan.
Two technology researchers, Klemen Bratec and Ioannis Kakavas, discovered this security flaw in Office 365’s SAML (Security Assertion Markup Language) Service Provider implementation. For a little bit of background, SAML allows for a single sign-on between different web domains. Within 7 hours of notification, Microsoft fixed the SAML flaw, thereby closing the open gate.
While this security flaw was quickly resolved, it nonetheless represents a risk for businesses and illustrates that Office 365 is not a panacea for security.
Studies show that the average company believes their data breach detection powers are significantly better than they are. 75 percent of Tripwire survey respondents believed that they could uncover a data breach within 48 hours of incident. Despite the high level of confidence, 59 percent of survey respondents reported that their data breach tools are only “partially or marginally” implemented. With such a lackluster deployment of cyber security tools, the reality is that businesses are realistically much closer to the 197 day time frame for detecting a security vulnerability, like a data breach, posited by Arbor Network.
The next time someone uncovers a security flaw in Office 365, it could be your business that is exposed — with disastrous results — while Microsoft plays catch-up. If incidents like these have you nervous about how safe your data is in Office 365, now is the time to make sure your business data is protected fully. Third-party tools allow you to use Office 365, while adding protections that reflect the risks of operating in the cloud environment.
A deep defense is the best way to safeguard against cloud-hosted enterprise assets data breach. If your business is relying only on the tools that come built into Office 365, the odds are great that your enterprise may fall victim the next time a security flaw is uncovered in Office 365. The above-mentioned examples should spur your business to act now. Investing in additional third-party protection will bridge any gaps in your security coverage. This will also act as a failsafe, should a new flaw be uncovered within the Office 365 environment.
If you are thinking of implementing additional security tools to protect your data in Office 365, the data shows that you are far from alone. Industry analysts predict that, by year end of 2018, 40 percent of those using Office 365 will actively rely on third-party tools to supplement cyber protection. This figure is up over 30 percent from less than 10 percent of Office 365 users in 2015.
There are many features that you can implement for additional protection — so many, in fact, that choosing among them can be confusing. Recommended add-on features that can bring additional protection include:
When considering supplementing your cyber security with third-party tools, it is wise to partner with a managed services provider who understands your business needs, IT infrastructure, and vulnerabilities. A sophisticated managed services provider can recommend utilities to implement, configure cyber security enhancements for you, and even perform network monitoring to quickly detect and mitigate any Office 365 cyber security incident. Managed service providers can implement cyber security tools on an as-needed basis, working with their clients to balance the ultimate in cyber protection with the IT budget needs of clients.
Microsoft is constantly tweaking the native security offerings within Office 365. Recent updates include admin ability to approve or deny user permission to access third-party services, admin oversight into which cloud services users are accessing, and the ability to receive security alerts when suspicious activity is detected in the Office 365 environment. Given this, the protection that business owners need to implement may vary over time, as Office 365 alters its security. Managed services providers can alter the services purchased to reflect updates to native Office 365 security.