Staying Safe With Office 365

Increasingly, cloud services are being targeted by hackers who wish to gain access to your email accounts or target individuals in your organisation for fraudulent purposes.

Below are some items you may wish to consider enabling for your organisation.

If you are using Office 365 for your email, we can enable multi-form factor authentication for your accounts. This means that when a user logs in to Office 365 in the cloud, they are required to not only use their password but verify who they are by either approving the connection on an app on their phone, entering a code sent to them by text or by phone call. This means that even if the users password is compromised the hacker would need the second authentication method as well to gain access to the account. This is free to enable in Office 365. Some configuration and labour is required to enable it on the accounts and on your mobile devices. We charge a fixed price of 15 minutes labour time per user, to reconfigure their local Outlook, mobile phone, and enable the settings on the account.

This helps protect against instances where a user may reveal their password online on an incorrect form, or by clicking on a link that is not really an Office 365 login, but a hacker trying to gain credentials. Also, many users use the same password for multiple sites, if a password is compromised with one provider and it’s the same as Office 365 this may also be problematic.

We also recommend a product from Microsoft called Advanced Threat Protection.

https://products.office.com/en-gb/exchange/online-email-threat-protection

It’s £1.51+VAT per user per month and I would recommend enabling it for all users in the organisation. It provides actionable insights help identify, prioritize, and provide recommendations for addressing potential threats such as phishing and malware and proactively securing your organisation from attacks.

Another common threat is when someone masquerades themselves with a  similar email address for example; daniel.shone@ap3xcomputing.co.uk (note the e has been replaced with a 3) which could be registered, that would not show up as suspicious and if the users doesn’t verify it could be problematic. If requested we can enable a mail rule on Office 365 so that whenever an email comes in from someone external to the company it puts in the subject line *EXTERNAL* that way it’s easy to see if it’s someone masquerading as an external user.

The best protection against these kind of problems is training. We can also offer online training for end users. We can offer an online training portal that is GCHQ certified where end users complete multiple choice questions and get interactive training on how to be Cybersafe. This product is called Mitigate and is priced at £6+VAT per user per month.

We would recommend a backup product for all customers that use Office 365 called Datto. It’s an add on to Office 365 and it costs £2.40+VAT per user per month.

It backs up all of the data in a user’s mailbox, but also backs up other parts of their Office 365 account.

Microsoft will replicate all your information to multiple servers in multiple Microsoft data centres. This ensures that users can readily access their account the event of a failure that affects one of the servers. Outside of this core system protection, when you delete an email for example, it will go into the “Deleted Items” folder and when this is emptied it will move into “Recoverable Items” folder for a short time. If you then need this email back and you are within the time window, you can recover the email. Outside of Office 365’s core backup process, there is no real mechanism to back up a mailbox other than utilising the recommended approaches of Deleted Item Recovery and Recovered Item Recovery and this is where Datto SaaS Protection fits in.

Having Datto SaaS Protection for your accounts will cover you against the following risks:

  • Unintentional deletion – sometimes, for example when a user declutters their mailbox, some important emails can be deleted by mistake. If this then falls outside of Microsoft retention period, there is no way to retrieve the email.
  • Intentional deletion – probably nobody likes to think about this option, but it is possible for employees to delete important emails on purpose. Depending on when this is realised, there could be no way to get the email back.
  • Hardware malfunction or system crash – accidents happen, and sometimes, for no apparent reason, data stored in emails can get corrupted or beyond repair. In some cases Microsoft engineers can get the data back, however this is often a lengthy process and with no guarantee.
  • Malicious software – cybersecurity market is doing its best to protect computers from viruses and other malicious software, but there is always a chance that a virus takes its toll.

Having Datto SaaS Protection enabled is also important for customers who utilise SharePoint and OneDrive. It also has the following advantages:

  • Admins can take any additional backups at any time which is something Microsoft does not do.
  • Datto SaaS Protection does not have a limit on retention times so backups are easily restored.
  • Datto will backup Office 365 files multiple times per day – This includes OneDrive files and folders, Exchange Email, SharePoint, Contacts and Calendars.
  • Datto can restore files, emails and calendars to the end user or to a different location if needed.
  • Datto has built in data encryption.

Datto SaaS Protection, like the cost of your Office 365, is subscription based. The cost to enable this on each Office 365 account is £2.40+VAT per account, per month.

Give our office a call now on 0161 233 0099 for more information.