Key individuals are provided additional protection in the real world, so why wouldn’t you ensure they have it online?
Bodyguards are typically associated with presidents, prime ministers, celebrities and other important people. Why? Well, because they are high value, easily identifiable targets for an attack.
The same is true for top-tier individuals in any organisation. Their position and credentials make them an ideal entry point for a cyber security breach.
To protect these important people, we need to provide a bodyguard – virtually!
With the spread of cloud-based services and the options available within services like Office 365, there is potential to add additional protection for users, acting as a virtual bodyguard to accompany the digital identity.
This will reduce the user’s vulnerability to attack and increase the chances of an attack being detected. But who should you protect?
The number of security concerns that we have to worry about are increasing on a daily basis. Phishing, spear phishing, spoofing, malware, malicious websites, drive-by attacks and more.
When planning an attack, the perpetrators will treat it like a military campaign, and you can be sure that they’ll have done their homework.
In the preparation phase, they’ll investigate the company and learn as much as they can about it. To do this, they will look at the company website, LinkedIn and Companies House listing. Using this information, they can easily find the names and positions of the company’s executives/owners.
Once these details have been found and understood the attack can be planned. This could be through a direct attack against the chosen individual, often formed by a spoof mail appearing to come from one executive to another.
While inbound mails should always be monitored and checked for known malicious malware and URLs, the same is not always done for internal emails.
“When planning an attack, the perpetrators will treat it like a military campaign, and you can be sure that they’ll have done their homework.”
This is one of the reasons why any legacy protocols (ones that don’t support modern authentication) are blocked; these legacy protocols are often used by the attackers to create mail that appears to be internal.
Many of these attacks are then used to gain access to the user’s individual ID and password, sometimes by simulating the corporate login page or something that is familiar to the user.
It is at this point that the additional protection kicks in. By utilising the additional security pieces available in Microsoft 365 the user can be provided with a better safety net. These additional elements include the various Advanced Threat Protection services (Office 365, Azure and Windows) but also Azure AD Identity Protection.
Identity Protection allows for the user’s risk to be evaluated every time they access the services. If the login attempt appears to be unusual, or the user’s ID and password have been found for sale (pwned) then the user can be blocked, required to perform a multi-factor authentication and be forced into a password change.
This risk driven approach can be automated to ensure that the important people within an organisation are always provided with the right security.
As we established at the start, these VIPs need additional protection because they’re easily identifiable and of great value. With the IT security provided by the full Microsoft 365 E5 stack, we can place an additional security layer around the people who are most likely to be attacked and ensure that major attack vectors are diminished.
Within your organisation, identify the people most at risk, or with the most power (and I do mean the IT administrators) and give them the correct level of defence. This will ensure that your systems are kept safe and secure.
Next, get to know how exactly Microsoft’s Advanced Threat Protection technologies all work together to deliver that top-tier protection, or explore the biggest cyber threats currently facing your organisation.
Send us your questions or feedback.
Friendly folks are standing by!
Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.
You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.