
Office 365 Security Alerts with Paul and Tony

Nov 30, 2018 by Becci Velzian

Long-time Microsoft MVPs Paul Robichaux, our very own CTO, and industry expert Tony Redmond discuss the challenges and opportunities present in Office 365 security and auditing approaches.

Challenges with Office 365 Security

They take a technical deep dive into the issues faced by larger organizations: those with tenants of up to 20,000 seats but no logical, detailed way of determining the activity in these accounts. For enterprise-scale organizations, recognizing suspicious logins and malicious activity is now even more critical, especially if they operate in, or with, the EU. There are hefty fines for noncompliance with the General Data Protection Regulation (GDPR), legislated at either a huge fixed fine or a percentage of a company’s annual turnover. Detection is difficult in today’s working environments, where organizations have thousands of Office 365 seats and operate on a global basis, which makes security checks and audits a very complex challenge.

Microsoft’s built-in Office 365 auditing lacks certain essential features such as rapid response, extensive filtering, visualization of the data, and clear presentation in graph or chart form. For small to medium enterprises, these limitations are manageable. However, when you have multiple Global Administrators, they can be highly problematic for effectively detecting and responding to malicious logins.

Another downside to the native tools is the 90-day limit on audit data, which could be detrimental if you’ve had an as-yet-undetected incident. Part of the issue for Microsoft is that, with 120 billion users (and growing), they need to soften the impact on the service, and they do this by providing shorter data availability.

Continue this discussion here, with Paul and Tony:

The Solution

Our security and auditing solutions for Office 365 enable you to detect unusual activity in your environment early on with our clear and itemized dashboards and timeline view. For example, if there is a suspicious login or a brute-force password attack, our near real-time insights and on-event alerting will notify you, enhancing your security strategy.

Another issue facing companies that use the built-in tools is that they don’t keep the audit data for long enough. If you’ve had an attack but haven’t identified it yet, like Uber’s breach in 2014, the audit data is unavailable for you to conduct a further investigation. Our solution enables you to have this data for a minimum of a year. Collectively, these features provide you with the belt and braces you need when enforcing a resilient threat and security strategy in your Office 365 environment.