MSPs should always take precautions to protect their users from attacks. Office 365 has its own set of security issues that need special attention. Office 365 has over 135 million subscribers, so it's nearly impossible for any MSP to avoid it. Microsoft's Office Suite offers users email, One Drive storage, Skype and SharePoint access just from one subscription. Each of these resources has its own security gaps. Here are some common issues that MSPs should always consider in protecting user data.
Cloud Vendor Security
Some MSP customers will use Office 365 with third-party cloud applications. While this can be efficient for users and improve enterprise productivity, adding any third-party application to internal platforms brings a level of risk to security. Attackers use phishing emails to gain access to the platform sometimes using third-party vendors as a vector. In addition to third-party vendors, One Drive is included with Office 365. A successful phishing attack could lead to a compromised cloud storage device. Since cloud storage is available to the public, an attacker can breach data stored in the cloud without ever breaching the internal network. MSPs must take precautions to protect the internal network from phishing scams.
Ransomware and Cryptomining
NotPetya was a global security epidemic when it spread to different networks and encrypted data. Ransomware is one of the most dangerous malware applications because the attack scans the user's local hardware and (in some cases) the network for sensitive data. When files are found, ransomware encrypts the files with an asymmetric key that cannot be unencrypted without paying a ransom. This ransom can be small amounts of money or thousands of dollars. If the user takes too long to pay the ransom, the cost is increased.
In 2018, cryptomining malware attacks became more prevalent. Cryptomining attacks steal user resources and use them to mine cryptocurrency for the attacker. These attacks are usually in the form of JavaScript client-side code an injected on sites that have heavy advertising. Users notice that their computer is slow, but they rarely recognize that the performance issues are based on a cryptojacking attack. Ninety percent of remote code execution attacks were cryptojacking.
Of all the malware delivered to a remote user including enterprise employees, 92% of the delivery is done through email. Phishing attacks are common since the attacker can target a group of people with malicious links or attachments that can carry a heavy payload.
Vulnerabilities in SAML
Microsoft uses Security Assertion Markup Language (SAML) to transfer authentication information. A flaw was found that allowed an attacker to exploit a failure in the authentication procedure that does not authenticate an element named NameID. Researchers suggest that this security vulnerability could have been present since Microsoft first released Office 365 to the masses.
MSPs must always be up-to-date on the latest security risks, and this one affected any Office 365 user and could lead to a loss of data on One Drive, email from Exchange or Skype. In some scenarios, attackers are able to get administrative access to the Office 365 platform.
Outdated Software During an Office 365 Migration
Older Office software runs on the user's desktop, but office 365 runs in the cloud. The biggest security concerns for an MSP tasked with migrating from older software to the new cloud platform is the number of vulnerabilities. Third-party applications can pose a risk to an enterprise that hasn't updated its software. Smaller organizations are the most common businesses that often disregard software updates, leaving them vulnerable when the MSP migrates them to a cloud platform.
All software must be updated before migrating to the new Office 365 platform. Just updating software drastically reduces the number of possible security threats from outdated, unpatched versions.
Phishing Email Common with Most Vulnerabilities
The most problematic security issue for any MSP working with Office 365 clients is phishing emails. If the organization doesn't already have a solution to filter malicious email, the right solution is needed. Email filters and malware detection can take care of most malware attachments, phishing emails, scams, and any number of security issues that come with an Exchange server.
MSPs must take advanced precautions to protect their users from security threats. It is vital that MSPs use a reliable third-party vendor like TitanHQ who’ve specializing in email and web security for 25 years. TitanHQ works with over 2000 MSPs worldwide, many of these using Office 365. SpamTitan is a vital additional email security layer that provides advanced protection for users and businesses from phishing, ransomware, malware and cyber fraud.
Take a closer look at SpamTitan and sign up for free demo today.
For more information get in touch with us. Talk to a specialist or Email us at info@titanhq.com with any questions.
More free resources relating to Office 365 Email Security and Malware Protection
1. SpamTitan for Office 365
2. Protecting Microsoft Office 365 from Cyber Attacks
3. Phishing attackers targeting Office 365 Business Emails
4. Filling the email security gap in Office 365
5. The latest phishing and spoofing attack getting through microsoft office 365