When a co-worker sent me a link to "Microsoft Office 365: US issues security alert over rushed remote deployments" by Liam Tung, I was a little surprised. The title is a little bigger than the article; however, maybe having deployed Office 365 so many times, I take this step for granted.
Skipping to the meat of the article, Liam Tung quotes:
Microsoft earlier this year revealed that 99.9% of the compromised accounts don't use MFA and that only 11% of enterprises had enabled MFA.
MFA is Multi-Factor Authentication, which comes as a piece of Microsoft Office 365. The above quote refers to all user accounts within Office 365. Mr. Tung is focused on the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) advice for Privileged Account Management (PAM) during the rapid push for remote work during the COVID-19 pandemic. PAM is the secure creation, storage and sharing of credentials that provide elevated access and permissions across accounts, applications and systems. In Office 365 these are the Administrative roles, especially the Global Administrator, which has rights to everything!
The simple guidance: with the click of a button, turn on MFA for your Administrators! DONE.
I'm definitely not critical of the advice, but the article makes it sound like there are major gaps in the security of Office 365 as a whole. Users, especially privileged ones, are what hackers need to achieve their goals. So, yes, there is a possible point of failure in Office 365 (or any other cloud collaboration platform) security. However, imagine a similar on-premises collaboration deployment. There are Administrative accounts not only for the applications (as in the cloud) but also for all the hardware that supports them. I'm not a gambler, but in general the more privileged accounts available, the higher the risk. This is a gross simplification, but it is one small piece of why I'm so confident in moving people into the Office 365 ecosystem.
We've assisted 100s of organizations in moving to Office 365 over the last 6 years, and many over the last few weeks during the COVID-19 pandemic. It is possible, it is safe, and it benefits your organization by allowing communication and collaboration to be available from anywhere, safely. If you're wondering where to start, Microsoft provides guidance on how to secure Office 365 as a whole and easily deploy MFA.