By Elmar Eperiesi-Beck (expert) and Azure Security News
Microsoft Office 365 is the prime example of the cloud-based SaaS model. It has become one of the most popular cloud services over the past few years. Between 2015 and 2017, the number of subscribers increased by 320 percent. And Office 365 will continue to expand its reputation as the preferred cloud application for companies in the coming years: by 2021, more and more companies will switch to the cloud and cloud data is expected to take over up to 95 percent of all data traffic in data centers.
But what does Microsoft Office 365 offer companies? In addition to being able to access Office applications across a variety of platforms such as Android, macOS, and Windows, users are given storage space on the file hosting service OneDrive, access to the e-mail, task management and calendar application Outlook, the applications Excel, Word and PowerPoint, as well as the collaboration tools Office Online, Skype for Business, SharePoint Online and Microsoft Teams.
However, not all Office 365 subscriptions are created equal. Depending on the plan you choose, there is a different selection of apps and tools. The Office 365 Enterprise E3 plan, for example, contains everything Office 365 has to offer – including all available additions to compliance and security tools. In contrast, the E1 plan offers almost no advanced security tools and the Office applications are only available as browser versions.
Businesses should become familiar with the different subscription models and see which plan is right for their purposes. It is imperative that they also deal with the topic of cloud data protection. After all, data breaches have reached an unprecedented high: according to Risk Based Security's Data Breach Quick View Report 2017, there were around 7.8 billion exposed records in 2017. That was 6.3 billion more than in 2016 and corresponds to an increase of 420 percent.
The consequences of such data thefts are devastating. In addition to the problems for people who have to contend with the consequences of the theft of their private data, including the complications and frustrations of dealing with identity theft, a data breach means major financial and, above all, reputational damage to the company. According to a report, the Ponemon Institute estimates that a data breach costs a company an average of $3.5 million. The need for data protection for cloud applications is obviously great.
Office 365 security features
In addition to tools for rights or identity management such as Azure Active Directory P1 and P2, there are also basics such as archiving, Data Loss Prevention, Exchange Online Protection and eDiscovery / Advanced eDiscovery. In addition, Office 365 offers a few other useful security features:
Office 365 Threat Intelligence: As the name suggests, Threat Intelligence is an integrated tool for E5 that identifies potential attack targets and suspicious behavior from Office 365 users over an extended period of time. It suggests simplified workflows for dealing with potential breaches and threats and is useful for companies that work with private and sensitive data.
Advanced Threat Protection: This feature provides a message sandbox or filtering that checks email attachments for security. Advanced Threat Protection also checks and reports malicious links and URLs in real time and detects and protects against tracing and phishing in Exchange Online. Real-time URL checking either blocks access to malicious links or warns the user.
Cloud App Security: This integrated E5 tool provides a dashboard that alerts administrators to suspicious user behavior. Cloud App Security can also detect anomalies in Office 365 and when using third-party SaaS solutions and provide a detailed description of suspicious events as well as the detection and protection of sensitive data.
Customer Lockbox: This tool controls how a Microsoft support representative accesses a user’s data during a help session. Users can either approve or deny access to their sensitive data. If the users refuse access, however, this has a decisive disadvantage: In this case, Microsoft cannot access the mailboxes and thus cannot solve the problem. If the users approve the access, then support staff can see personal data.
Customer Key for Office 365: Customer Key allows administrators to introduce their own cryptographic key for server-side encryption (in Microsoft’s data centers) of services such as Exchange Online, OneDrive, SharePoint Online and Skype for Business. This includes the configuration of the required Azure resources and the management of a mandatory Microsoft recovery key. However, Microsoft administrators have access to the cryptographic key and thus also potentially access to the personal data that was encrypted with it.
Azure Information Protection P1 and P2: This cloud-based rights management service enables the encryption of documents and files, the tracking of documents and files and the classification of sensitive data. Users have to manually add this protection setting even though custom templates are included.
Azure Information Protection P2 can automatically add classifications to files and documents without user input. The disadvantage: here too, administrators determine how the documents should be protected. They could therefore gain access to the data and the cryptographic keys at any time.
Advanced Threat Analytics: Advanced Threat Analytics (ATA) is an on-premises platform that uses machine learning to collect and track access requests, documents, locations, devices and users in order to create behavioral profiles based on user behavior. ATA also detects suspicious activity, malicious attacks, and known risks.
Intune: This cloud-based mobile device management service gives companies more control over mobile devices and applications for employees to protect business applications and data on any device. It gives administrators control over how employees access and share company information and ensures that devices and applications are compatible.
Microsoft Cloud App Security (MCAS): This function enables company-wide control and monitoring of all apps on an employee device. For example, it shows what kind of unauthorized third-party service an employee uses. In addition, it offers improved protection against threats and data loss through cross-SaaS. Additionally, in most cases, Office 365 includes auditing and logging, which records certain searchable user and administrative actions (and the times of such actions), such as login requests, deletions, and more, so that suspicious activity can be investigated.
Authentication encompasses the way in which a user securely logs into a service. This can include entering the same password on-site as in the cloud, or some type of multi-factor authentication where a service user refers to a code on a mobile device or website to verify the identity of that user.
Another useful, integrated Office 365 function is Secure Score, which evaluates a company’s Office 365 deployment for possible risks and weaknesses and contains suggestions for improved cloud security controls. It scans the services used, such as Exchange, OneDrive or SharePoint, compares their numerical scores with the baseline of Microsoft and other Office 365 subscribers, and informs the company about best practices and security practices.
Encryption: Office 365 enables the encryption of email messages and Office documents stored on a computer, mobile device or in the cloud: files are encrypted using encryption algorithms such as Transport Layer Security / Secure Sockets Layer (TLS / SSL) and Advanced Encryption Standard (AES).
Encryption turns data into indecipherable text that can only be read by authorized users who have the cryptographic key. Transport encryption only protects the data on the way between the user and the cloud. There the data is then completely decrypted again. External encryption ensures that data is not only encrypted “in transit”, but also “in use” and “at rest” at all times.
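The difference between transport encryption and external encryption described above, as an added example that is not part of the original article and not a Microsoft API: the document is encrypted before it leaves the customer, so the provider only ever stores ciphertext. The in-memory `cloudStore`, the function names and the sample document are assumptions made for illustration, and the sketch covers the in-transit and at-rest cases only.

```javascript
// Added example: client-side ("external") encryption before upload.
const crypto = require('node:crypto');

// Hypothetical stand-in for the cloud service: it stores whatever bytes it receives.
const cloudStore = new Map();

// Encrypt with AES-256-GCM under a key that never leaves the customer.
function encryptForUpload(key, name, plaintext) {
  const iv = crypto.randomBytes(12);            // fresh 96-bit nonce per object
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(name, 'utf8'));     // bind the ciphertext to its object name
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]); // layout: iv | tag | ciphertext
}

function decryptAfterDownload(key, name, blob) {
  const iv = blob.subarray(0, 12);
  const tag = blob.subarray(12, 28);
  const body = blob.subarray(28);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAAD(Buffer.from(name, 'utf8'));
  decipher.setAuthTag(tag);
  // final() throws if the blob, the key or the object name does not match
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

function upload(key, name, plaintext) {
  cloudStore.set(name, encryptForUpload(key, name, plaintext));
}

function download(key, name) {
  return decryptAfterDownload(key, name, cloudStore.get(name));
}

// What the provider, or anyone with access to its storage, can read.
function providerView(name) {
  return cloudStore.get(name).toString('latin1');
}

const localKey = crypto.randomBytes(32);        // constructed sample key, kept on-premises
upload(localKey, 'hr/salaries.txt', 'Constructed sample: Alice 4200 EUR');
console.log(providerView('hr/salaries.txt').includes('Alice'));
console.log(download(localKey, 'hr/salaries.txt'));
```

With server-side encryption the decryption step would run inside the provider's data center; here it can only run where `localKey` is held.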
Source: https://www.computerwoche.de/a/datenschutz-in-microsoft-office-365-ist-lueckenhaft,3546637