Idecsi News

19 October 2018

An expert solution for Microsoft 365 data protection

Idecsi, expert solution for Microsoft 365

Some companies are born with O365, some achieve the migration, and others have Microsoft 365 thrust upon them. Whichever category you’re in, the Microsoft 365 juggernaut cannot be ignored. The breadth of functionality, ease-of-access and integrated components make it a very convenient environment for companies to rely on.

But convenience has ever been the flipside of Microsoft 365 security – whether that’s locking your front door, or deploying multi-factor authentication. As Microsoft 365 is deployed, it brings with it a wealth of new, and existing, security challenges.  Recent research found that 44% of organizations were victims of targeted email attacks launched via a compromised account1. There have been increasing reports of the ability to bypass single sign-on or MFA to brute force methods to steal corporate Microsoft Office 365 login credentials and log into enterprise systems [1].   

Companies need efficient and cost-effective methods to detect such attacks. Unfortunately, many Office 365 migrations are undertaken without sufficient upfront analysis of the security implications.  And once the migration is complete, there is relatively little willingness to invest further in something that has already cost a lot of time and money.   

The normal model of detection – using SIEM or IDS technology supported by a sophisticated security team – cannot scale to Office 365 environment. Simply delivering the relevant logs for email into a SIEM can cost more than £1 million in licence fees alone.  And the most galling point is that in 95% of breaches, it is the user who knows whether or not the anomalous behaviour is legitimate.

MyDataSecurity: a personal SIEM

Technology which can detect unauthorised access to Office 365 in real-time, along with malicious configuration changes, and engage directly with the user to minimise time to detection and time to resolution. The platform has three key characteristics :

Application awareness

By treating logs as meaningful messages which can be analysed, the system can be much more efficient than searching for patterns in logs which are treated as unstructured data.

User understanding

The only way to accurately identify breaches in a platform as broad as Microsoft 365 is to analyse behaviour for every single user or library individually, and have a unique profile for every user, library or other protected resource. No other approach can yield the necessary accuracy.

User engagement

In the vast majority of cases, the user knows the answer – there is no need to engage a complex and expensive communication flow through technology and the security team only to say to the user “was this you?”. By providing accurate information, in user-centric language, with absolutely straightforward response options, users can easily, and cheaply, support breach detection and resolution. 

By using MyDataSecurity approach, a company can massively expand its corporate defences, especially around Office 365, without increasing the size of the security team. 



Our articles

These articles may
interest you

feedback from L'Oréal - Assises
Idecsi News

Assises Security Conference 2022: feedback from L'Oréal

Lire l'article
Access review

M365 Collaboration Tools Access Review

Lire l'article
Classification with MIP
Microsoft 365

Classify and protect sensitive data: focus on MIP

Lire l'article
microsoft teams data protection
Microsoft 365

Microsoft Teams: 5 key points to improve data protection

Lire l'article

Data protection, let's discuss your project?


Contact us
video background