With remote and hybrid workplaces becoming the norm, many Microsoft 365 deployments were rushed, leaving security teams playing a game of catch-up that continues today.
Rapid deployment of Microsoft 365 has left security gaps
Gartner predicts that almost all cloud security failures will be the result of customers making configuration errors.
Organisations must be vigilant and ensure security settings are optimised and that new vulnerabilities are promptly addressed. Default configurations are often not optimised for an organisation’s specific security needs, leaving gaps that cybercriminals can exploit.
In addition, the complexity of those settings can lead to even the most experienced experts making mistakes.
In one recent case, an organisation made an error in the set-up of multifactor authentication (MFA) policies. It inadvertently set up its MFA policies in reverse and authorised users from non-approved countries to log in without MFA, while enforcing it for approved locations.
Errors like this can easily go unnoticed in a rapid deployment, leaving the organisation vulnerable to unauthorised access.
Rethinking security for the modern workplace
Traditional security models, where systems were protected behind corporate firewalls, are no longer fit-for-purpose.
The increased accessibility, which is beneficial for productivity, has expanded the attack surface. And it requires a complete overhaul of security strategies. This has left security teams playing catch-up and searching for ways to keep up with emerging threats, while simultaneously taking advantage of new features.
Hardening and maintaining the Microsoft 365 environment is not a one-off project. As the threat landscape evolves, it is critical that organisations commit to an ongoing program to rigorously protect their systems and information assets.
Securing Microsoft 365 environments requires a three-step approach
- Assess your current posture: The first stage in this process to assess the current configuration of the Microsoft 365 environment and the risk environment. Unless you know your current position and what threats you face, it will be impossible to prioritise your resources.
One of the biggest challenges in this process is the sheer volume of potential settings that cannot be reviewed by humans in a timely manner. Therefore, security teams need to either use the right tools or work with a partner equipped with expert Microsoft 365 knowledge to identify issues before they occur.
- Prioritise and remediate: Following the assessment, resources are allocated to uplift the organisation’s security posture. While the assessment might reveal more issues, it is important to prioritise the issues that are most critical and easiest to fix.
- Continuously monitor for improvements: Regular reassessments of threats and risks is crucial to identify and mitigate new vulnerabilities before they escalate. This requires a balancing act to ensure robust security measures support, rather than hinder, businesses operations.
For example, data availability is a matter of life and death at organisations like the Department of Fire and Emergency Services in Western Australia. Their business objective was to find the right balance, implement and monitor the appropriate controls. This requires an understanding of the available controls and risks, and then finding a way to meet operational and security objectives.
Furthermore, uncovering hidden capabilities is another benefit that comes from this assessment.
Combining the security benefits of identifying and closing vulnerabilities, the return on investment (ROI) often greatly exceeds the cost of the assessment. This dual benefit of enhanced security and improved ROI makes a compelling case for regular security audits.
Act now to secure your Microsoft 365 environment
Businesses can mitigate the risks of rapid cloud deployments by adopting a proactive approach to security. This starts with regular assessments, continuous improvement, and combining advanced tools with human expertise. Attackers are also constantly testing defences, and configuration drift can quickly open unseen vulnerabilities. Regular assessments protect an organisation’s digital assets.
Rapid deployments of Microsoft 365 have resulted in new security gaps. By undertaking a thorough assessment, organisations can identify risks and vulnerabilities to better prioritise resources and support their business objectives as safely as possible.
Fujitsu provides comprehensive end-to-end cybersecurity services, including consulting, digital forensics, security assessments, and more. Discover how our solutions can support you in addressing today’s most pressing security challenges: https://www.fujitsu.com/au/services/security/featured.html