• About
    • About Us
    • Our Expertise
    • Meet The Team
    • Careers
  • Managed Services
    • Overview
    • Monitoring & Detection
    • Protection
    • Response
    • Training
  • Cyber Assessments
  • Consultancy
    • Consulting Services
    • Cyber Executives
  • News & Resources
    • In the News
    • Blog
    • Resources
  • Contact
Can We Help?
  • About
    • About Us
    • Our Expertise
    • Meet The Team
    • Careers
  • Managed Services
    • Overview
    • Monitoring & Detection
    • Protection
    • Response
    • Training
  • Cyber Assessments
  • Consultancy
    • Consultancy Service
    • Cyber Executives
  • News & Resources
    • In the News
    • Blogs
    • Resources
  • Contact
  • Can We Help?

Is your Microsoft M365 service secure from attackers? Are you sure?

The mass migration to remote working as a result of the coronavirus pandemic has seen many organisations adopt new platforms and applications to remain connected and productive. One popular application is Microsoft M365 thanks to its variety of features that make remote collaborative work simple and accessible.

However, the increase in remote working and reliance on M365 has provided ample opportunities for cybercriminals to attack vulnerable cloud-based environments for many individuals and organisations alike. Although there are hundreds of configuration settings in each M365 tenancy, by default Microsoft do not apply the majority of security settings leaving users vulnerable and open to attack.

According to a survey by Sapio Research of businesses that use M365, 97% of the 1,112 IT security professionals surveyed said they’ve extended their use of M365 as a result of the pandemic. When reflecting on the past 12 months, 82% of respondents noted they have seen their organisation’s cybersecurity risk increase, with top security concerns being the risk of data compromise, risk of credential abuse leading to account takeover by unauthorised users and fears over the ability of hackers to hide their tracks using legitimate Microsoft tools such as Power Automate and e-Discovery.

These fears are completely understandable as navigating each configuration setting in M365 and determining if it needs to be configured can be a daunting prospect. If a setting is not in place or has been misconfigured, then you could be providing full access for anyone to view and delete your emails and documents. Keep your business secure and your data protected requires making use of the intelligent built-in Microsoft security features which are often not used to their full potential.

What We Offer

At CSA we are cyber security experts and we understand what it takes to keep your private data private, which is why our M365 Security Assessment solution is key for any organisation wanting to implement the best security practices whilst using M365.

First, we will assess your company’s M365 instance and ensure that you have all the necessary security controls correctly configured to appropriately protect your emails and documents. Following the assessment, you will receive a report on our findings, as well as a technical assessment on the specific controls that need to be changed (each control to be changed will be based on the criticality of exposure). We can also assist in implementing and amending the required controls on your M365 tenancy for added peace of mind.

We are passionate about providing high-level security solutions to organisations of all shapes and sizes, which is why our assessment is flexible to cater for any kind of company, from small businesses with less than 50 M365 accounts to large scale multinational companies.

Continuous Assessment

Since Microsoft introduces new features and services regularly, we recommend that our M365 Security Assessment is performed at least every 6 months to ensure any new features have not impacted the security posture of your M365 service. Cybercriminals are always on the lookout for new weak spots, but regular reviews of your security status make sure the opportunity for an attack never arises.

Integration Into BorderPoint

For our BorderPoint customers, the assessments will integrate into our existing service, providing additional security assurance to our already extensive offering. With BorderPoint you can remain confidently secure thanks to real-time monitoring on both your end point and M365 account. Any suspicious or malicious activity is analysed and reported to our team of Cyber Analysts, who will respond and advise as required.

To find out how we can help your business stay secure, get in touch!

Author: David Woodfine

Related articles

Posted on December 29, 2021

What is SquirrelWaffle?

SquirrelWaffle is known as a dropper malware, where it would be used to download additional and potentially more destructive malware onto…

Posted on December 16, 2021

CSA Awards of the Year 2021

As we near the end of year, an incredibly busy year for our teams in terms of growth and innovation, we wanted to take a moment to…

Posted on December 14, 2021

Cyber Essentials Changes: Here's Everything You Need To Know

Rapid digital transformation, mass adoption of cloud-based services and migration to home-working were necessary changes for businesses…

Posted on December 8, 2021

CSA 12 Days of Cyber Christmas

As the end of the year fast approaches, we wanted to share a little refresher on ways to ensure your technology and data remains…

Posted on December 1, 2021

Planning To Shop Online This Holiday Season? Here Are The Cybercrimes You Need To Be Aware Of

Black Friday and Christmas are considered a blessing and a curse within the retail industry. It’s a time where retailers…

Posted on October 20, 2021

This Apple “AirTag” Vulnerability could be harvesting your credentials

During late September, the headlines were hit with the news of a vulnerability within Apple’s AirTag…

Posted on October 13, 2021

September Security Roundup

Currently, the world faces not one pandemic but two: Coronavirus and the rise of ransomware attacks…

Posted on October 10, 2021

Is Data More Valuable Than Jewels? The A-List Cyber Heist That’s Putting Ransomware Attacks On The Map

Cybercriminals don’t discriminate. It doesn’t matter how famous you are, if your information is vulnerable…

Posted on October 6, 2021

CSA adds Lookout Mobile Endpoint Security to growing solutions portfolio

Following the global pandemic, the mass migration to remote working was a necessary move…

Posted on September 15, 2021

​​The Rising Popularity of NFTs and The Rising Security Threat

The art world is known for being ahead of the curve, adopting new and interesting technologies to…

Posted on September 7, 2021

TG1021 (Praying Mantis): The new threat actor group that could be targeting your IIS servers!

Recently, an infamous threat actor group going by the name of TG1021 or Praying Mantis…

Posted on August 19, 2021

Is Cyber Training and Education working?

The report from the ICO on the ‘surprising’ decline in personal data breaches…

Posted on August 13, 2021

How did an unknown hacker steal over $600M in cryptocurrencies in the biggest ever crypto based cyber-attack?

On 10th August 2021, Poly Network announced in a tweet that it had been attacked…

Posted on May 12, 2021

How to Prevent a Ransomware Attack

According to a 2020 survey by Sophos, 51% of organisations were hit by Ransomware in the last year…

Posted on January 10, 2021

Covid-19: How to prepare your staff
for remote working

Since the initial Covid-19 outbreak, the nation’s workforce had to learn to quickly…

Posted on December 13, 2020

Covid-19: Cyber Criminals Launch
Their Own ‘Virus’

Whilst the world is currently preoccupied with public health, cyber attackers have taken…

Posted on November 20, 2020

The rise of Covid-19 phishing scams

Whilst the rollout of the Covid-19 vaccine across the UK brings with it the good news…

About

  • About Us
  • Our Expertise
  • Meet The Team
  • Careers

Managed Services

  • Overview
  • Monitoring & Detection
  • Protection
  • Response
  • Training

Consultancy

  • Consulting Services
  • Cyber Executives

News & Resources

  • In the News
  • Blog
  • Resources

Cyber Assessments

Can We Help?

Partner Portal

Contact

Head Office Unit 11, Wheatstone Court, Waterwells Business Park, GL2 2AQ
©2022 Cyber Security Associates. All Rights Reserved.
Terms of Use Privacy Policy
Powered by P1C
This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.
Cookie settingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT

Can We Help?