The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Wednesday recommending best practices for addressing Microsoft Office 365 security configuration errors.
The latest alert (AA20-120A) is an update to the CISA's AR19-133A analysis report published on 13th May 2019 and discusses various steps that organisations must take to ensure that their Office 365 environment is properly configured to provide protection against attacks from threat actors.
In recent weeks, the coronavirus outbreak has forced many organisations to change their collaboration methods to support a workforce working fully from home. Such organisations are now looking to cloud collaboration platforms such as Office 365 to enable their employees to continue working with the minimum of disruption.
But uptake of new cloud technology also brings with it new risks.
"While the abrupt shift to work-from-home may necessitate rapid deployment of cloud collaboration services, such as O365, hasty deployment can lead to oversights in security configurations and undermine a sound O365-specific security strategy," CISA said in the alert.
The agency stated that it has seen many instances where organisations failed to implement best security practices for O365, making it highly vulnerable to attacks.
To prevent hackers from exploiting security weaknesses and configuration errors in Office 365, CISA advises organisations to use multi-factor authentication (MFA) for administration accounts. MFA provides an additional security layer, helping to verify that the person signing in is legitimate, not an adversary using stolen credentials.
Organisations should also ensure that they assign administrator roles using Role-based Access Control (RBAC).
Other recommendations from CISA include:
- Use MFA for all users
- Enable Unified Audit Log
- Enable alerts for suspicious activity
- Use Microsoft Secure Score
- Disable legacy protocol authentication, if not required, or limit its use
- Integrate logs with your existing SIEM tool
Last month, Microsoft announced that it would begin migrating Office 365 Personal and Home subscribers to Microsoft 365 over the next few weeks.
The company also revealed the plan to roll out a new Microsoft Family Safety app "designed to keep your family safe across the digital and physical worlds" and a number of new features to Microsoft Teams to "bring you closer to your friends and family".
Malicious web shells can evade detection from most security tools, so they are difficult to detect
New version with 256-bit AES encryption (for real this time) to be rolled out next week
The reported vulnerabilities impact Zoom clients for MacOS and Windows, Zoom refutes the claim
Nemty ransomware operators close public ransomware-as-a-service operation and switch to private mode
Victims have one week to purchase decryption keys from operators
A patch to fix this bug has already been released by Microsoft