Email is one of the most widely used communication tools. Research shows that 91% of all cyberattacks originate via email.
It only takes a momentary lapse in user vigilance for a scam to wreak havoc on your business.
The high daily volume of messaging in the workplace presents a substantial ongoing challenge to organisations to secure information.
In an analysis report titled “Microsoft Office 365 Security Observations,” the Cybersecurity and Infrastructure Security Agency (CISA) states:
“Most of these organizations did not have a dedicated IT security team to focus on their security in the cloud. These security oversights have led to user and mailbox compromises and vulnerabilities.”
Office 365 customers themselves – not Microsoft – are responsible for their security boundaries and settings within the Microsoft Cloud.
Misconfigurations and inconsistent deployments will lower the overall security posture (e.g., mailbox auditing disabled, unified audit log disabled, and multi-factor authentication disabled on admin accounts).
CISA further encourages the implementation of an organisational cloud strategy that will protect customers’ infrastructure assets, defend against attacks related to their O365 transition, and secure their O365 service.
To help you secure and de-risk your business, we created the Office 365 Cyber Performance Pack.
The solution comprises
CodeTwo email signatures for Office365
Audit and block legacy (basic) authentication
Upgrade to Microsoft 365 Groups
Configure Email Authentication
Block sign-in for all shared mailboxes
Disable consumer storage locations
Outlook email encryption branding
Disable auto-forwarding to remote domains
Cyber Performance Pack threat policies
Customise settings for Outlook email encryption
Extend the default audit log age limit to 1 Year
Configure alert policies
Configure the unified audit log
Extend deleted items retention to 30 days
Email marketing and compliance
CodeTwo email signatures for Office365
Create and manage email signatures, legal disclaimers, automatic replies, and marketing campaigns. Stay compliant with GDPR and POPIA.
Configure email authentication
SPF, DKIM and DMARC are DNS records that mail servers use to validate or prove that your email is coming from a trusted source. Protect your reputation and remove the risk of your email domain being used to launch cyber-attacks.
Outlook email encryption branding (Azure AIP P1 or P2 SKU)
Customise your email encryption messages.
Customise other settings for Outlook Email Encryption (Azure AIP P1 or P2 SKU)
- Encrypt PDF Attachments
- Automatically decrypt journal messages for use in third-party email archives
- Prevent automatic decryption of downloaded attachments
Security best practices for configuring Exchange Online
Configure the unified audit log
The Unified Audit Log is the primary source of forensic data for any incident Response engagement.
Audit and block legacy (basic) authentication
Microsoft will be disabling Legacy authentication from September 2022. Our team will help you transition to Modern Authentication and identify any mailboxes affected when Legacy Authentication is disabled.
Block sign-in for all shared mailboxes
Bad actors often use these mailboxes. Our team will help identify shared mailboxes and resource mailboxes that should have interactive sign-in disabled.
Configure No Auth SMTP Relay Connectors and Transport Rules for Multi-Function Devices or Applications.
Disable auto-forwarding to remote domains
When attackers get a hold of a mailbox, they will often exfiltrate data by setting up mailbox forwarding to an outside email address that they can then monitor without needing constant access to the source mailbox. Our team will help you identify mailboxes with legitimate forwarding requirements before disabling auto-forwarding.
Extend the default audit log age limit to 1 Year (E5 or E5 Compliance SKU)
By default, Office 365 audit logs are set to 30-day retention. We increase this to 1 year (or more if necessary).
Extend the default retain deleted items retention to 30 days
By default, deleted emails, contacts, calendars and tasks are retained in the dumpster for 14-days. We increase this to 30 days.
Upgrade to Microsoft 365 Groups
For years, organisations have relied on distribution groups to communicate and collaborate with groups of people both inside and outside the company. Now, however, Microsoft 365 Groups in Outlook offer a more robust collaboration solution and includes a (1) shared inbox, (2) shared files library, (3) shared calendar, (4) shared OneNote Notebook, and its content is discoverable.
Disable consumer storage locations
Prevent users from working with Drobox, Facebook and (Personal) OneDrive in Outlook Web Access.
Alerting and monitoring integration into Global Micro’s SOC
Configure the unified audit log
The Unified Audit Log is the primary source of forensic data for any incident Response engagement.
Audit and block legacy (basic) authentication
Microsoft will be disabling Legacy authentication from September 2022. Our team will help you transition to Modern Authentication and identify any mailboxes affected when Legacy Authentication is disabled.