Authentication Fundamentals

Stopping a Microsoft Office 365 Attack — What Are Your Options?


Microsoft Office is the most deployed app in enterprise businesses around the world. Around 1.2 billion people use an MS Office app of some kind, and MS Office 365 -Microsoft’s monthly subscription office productivity app – is becoming increasingly popular. Around 70 million people use Office 365 commercially, and it’s taken over from Salesforce as the most popular cloud app for enterprises.

But, MS Office 365 isn’t without issues. It’s very ubiquity and the fact it has such a large online component makes it a prime target for hackers. When your MS Office 365 ecosystem is under attack, just what can you do?

How an MS Office 365 Attack Works

When hackers target Office 365 users, they want to gain access to cloud-based OneDrive, email, Sharepoint and other applications where sensitive data resides.

Hackers use social engineering and phishing to attempt to gain access to user passwords. Others simply buy them off the dark web for as little as US $3 per record.

While many organizations take great care to protect their “inside the firewall” resources, requiring users to access with strong authentication on trusted devices, cloud applications often get overlooked. For the sake of convenience, users are allowed to use any device, their personal or public internet connection and a simple password to access these applications. The consequences of this oversight can be chilling.

Solutions to MS Office 365 Attacks

There are two main defenses against attacks on Office 365 — single sign-on and multifactor authentication.

Single Sign-on – What it is and How it Works

Single sign-on (SSO) requires users to logon securely when they start their work for the day, or after they have been away from their computer for a while. Single sign-on authenticates a user once, then automatically authenticates whenever they use a linked piece of software without the use of multiple passwords.

A good tradeoff between convenience and security — users only need to enter a password once or at most, a few times daily. In return, security protocol can require the use of more complex passwords in combination with additional types of authentication such as a token, key card or fingerprint.

Sophisticated single sign-on solutions can also take contextual or behavioral factors into consideration, such as the location of the individual or patterns in keystroke. The best part of an SSO solution is that at some point, the access pathway leads to and across the corporate network where a time out or step up policy can be enforced.

Multifactor Authentication — What it is and How it Works

Multifactor authentication is another strong option for keeping attacks on Office 365 at bay. In order to verify identity, security protocols require users to provide a combination of factors. These may include:

  • Something they know, such as a pin or password
  • Something they have, such as a one-time password (OTP), pin or smartcard
  • Something they are, such as a fingerprint or facial verification
  • What they are doing or where they are, location of the user or keystroke biometrics.

These extra layers of security will significantly boost security and can be configured to deliver the right level of protection for the enterprise.

The Best Solution — Combining Single Sign-on and Multifactor Authentication

The most powerful solution that combines both security and convenience is to request single sign-on using a multifactor authentication method. Employees will authenticate themselves with their logon, password, security code and biometric data at the start of the day, and then get access to the systems they need.

This is a very effective way to thwart hackers who want to access your MS Office 365 data and keep your business safe and secure.

Jeff Carpenter is Director of Identity and Access Management solutions at Crossmatch. In this role, he is responsible for evangelizing Crossmatch’s DigitalPersona® solution. In his 10+ years in cybersecurity, Jeff has held positions with a number of top tier cybersecurity and technology companies, most recently he was with RSA, a Dell Technologies company. Jeff earned a Bachelor of Science degree in Business Administration from Creighton University in Omaha, Nebraska. He holds both a Certified Information Systems Security Professional (CISSP) and a Certified Cloud Security Professional (CCSP) designation.

Authentication Fundamentals
EU General Data Protection Regulations. What You Need to Know
Authentication Fundamentals
SAML — Your Questions, Answered
Authentication Fundamentals
Multi-Factor Authentication and Single Sign-On Explained
There are currently no comments.