ThirdSpace ThirdSpace
ThirdSpace
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Solutions
  • People
Load more
30 July 2019

VIP Protection – Providing a digital bodyguard with Microsoft 365

  • Cyber security
  • Azure AD
  • Microsoft 365
David Guest

Key individuals are provided additional protection in the real world, so why wouldn’t you ensure they have it online?

Bodyguards are typically associated with presidents, prime ministers, celebrities and other important people. Why? Well, because they are high value, easily identifiable targets for an attack.

The same is true for top-tier individuals in any organisation. Their position and credentials make them an ideal entry point for a cyber security breach.

To protect these important people, we need to provide a bodyguard – virtually!

With the spread of cloud-based services and the options available within services like Office 365, there is potential to add additional protection for users, acting as a virtual bodyguard to accompany the digital identity.

This will reduce the user’s vulnerability to attack and increase the chances of an attack being detected. But who should you protect?

 

Top-tier security for top-tier users

The number of security concerns that we have to worry about are increasing on a daily basis. Phishing, spear phishing, spoofing, malware, malicious websites, drive-by attacks and more.

When planning an attack, the perpetrators will treat it like a military campaign, and you can be sure that they’ll have done their homework.

In the preparation phase, they’ll investigate the company and learn as much as they can about it. To do this, they will look at the company website, LinkedIn and Companies House listing. Using this information, they can easily find the names and positions of the company’s executives/owners.

Once these details have been found and understood the attack can be planned. This could be through a direct attack against the chosen individual, often formed by a spoof mail appearing to come from one executive to another.

While inbound mails should always be monitored and checked for known malicious malware and URLs, the same is not always done for internal emails.

“When planning an attack, the perpetrators will treat it like a military campaign, and you can be sure that they’ll have done their homework.”

This is one of the reasons why any legacy protocols (ones that don’t support modern authentication) are blocked; these legacy protocols are often used by the attackers to create mail that appears to be internal.

Many of these attacks are then used to gain access to the user’s individual ID and password, sometimes by simulating the corporate login page or something that is familiar to the user.

It is at this point that the additional protection kicks in. By utilising the additional security pieces available in Microsoft 365 the user can be provided with a better safety net. These additional elements include the various Advanced Threat Protection services (Office 365, Azure and Windows) but also Azure AD Identity Protection.

Identity Protection allows for the user’s risk to be evaluated every time they access the services. If the login attempt appears to be unusual, or the user’s ID and password have been found for sale (pwned) then the user can be blocked, required to perform a multi-factor authentication and be forced into a password change.

This risk driven approach can be automated to ensure that the important people within an organisation are always provided with the right security.

 

Conclusion

As we established at the start, these VIPs need additional protection because they’re easily identifiable and of great value. With the IT security provided by the full Microsoft 365 E5 stack, we can place an additional security layer around the people who are most likely to be attacked and ensure that major attack vectors are diminished.

Within your organisation, identify the people most at risk, or with the most power (and I do mean the IT administrators) and give them the correct level of defence. This will ensure that your systems are kept safe and secure.

Next, get to know how exactly Microsoft’s Advanced Threat Protection technologies all work together to deliver that top-tier protection, or explore the biggest cyber threats currently facing your organisation.

You may also like...

Blog

FIDO2 – Making Microsoft’s passwordless authentication a reality

Blog

Achieve identity security in 5 easy steps

Blog

Shaping the next-gen security operations centre with Azure Sentinel

Recent Blog Articles

View All
Author
David Guest
Solution Architect and Technology Evangelist
Learn More

Apply for a free Security and Privacy Workshop

Envision a secure future, with appropriate data protection and breach response plans.

Apply for free workshop
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.