How to prevent Microsoft 365 account takeover

October 26, 2020 | Blog, Cyber Security, Microsoft 365


Microsoft 365 has grown in popularity as Australian businesses become increasingly reliant on cloud platforms to adapt to long-term remote work environments. It’s an obvious decision for businesses to make, considering that Microsoft 365 offers a full suite of productivity and collaboration tools rolled into one package. However, as more businesses move to the cloud, cybercriminals are not too far behind. 

Account takeover is one of the most effective ways for cybercriminals to infiltrate cloud environments and steal sensitive information. According to early 2020 data breach statistics, 133 security incidents reported by organisations involved unauthorised access to accounts through phishing and compromised login details.

To fully protect your Microsoft 365 accounts, it’s therefore crucial that you follow the security best practices listed below.  

Implement multifactor authentication (MFA)

Passwords alone are insufficient against account takeover because they’re fairly easy to hack. There’s a chance that employees use weak passwords, allowing hackers to simply guess their way into company accounts. Even if users are diligent with setting strong passwords, hackers have brute force software that can crack passwords in minutes through trial and error. 

That’s why enabling MFA in Microsoft 365 is so crucial. Instead of betting everything on passwords, MFA requires users to submit additional login credentials to prove their identity. These credentials include: 

  • One-time activation codes sent via SMS or generated by Microsoft Authenticator
  • Phone callback verification
  • USB security keys
  • Fingerprint scans and facial recognition

With MFA in place, hackers can’t break in unless they have access to all the credentials necessary to sign in. You can enable this feature for all users by turning on modern authentication in the Microsoft 365 admin centre. It’s also possible to set conditional access policies that require MFA for user accounts based on authorisation levels, location, apps, or other criteria.

Utilise advanced threat protection 

Microsoft 365 Advanced Threat Protection (ATP) is an enterprise-level service that defends your organisation against a wide array of attacks. It leverages artificial intelligence to detect abnormal behaviour in user accounts and devices that may indicate a threat. Examples of this include an unusual number of login attempts, large file transfers, and one device accessing multiple accounts at once. If ATP picks up any of these malicious activities, it instantly creates a user exposure report and sends alerts to administrators detailing recommendations on correcting the issue. 

What’s more, ATP analyses email attachments and links in an isolated environment to uncover malicious intent. Emails containing traces of malware or fraudulent links are instantly filtered out of employee inboxes, preventing hackers from gaining a foothold into your accounts. 
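As an added illustration (not from the original post, and not how Microsoft's service is implemented), two of the account-behaviour signals mentioned above, an unusual number of login attempts and one device accessing multiple accounts, can be expressed as sliding-window checks over sign-in records. The record layout, thresholds and sample data are assumptions constructed for this example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in records: (timestamp, account, device id, outcome).
# The layout and values are made up for this example, not a Microsoft log schema.
SAMPLE_SIGNINS = [
    ("2020-10-26T09:00:05", "alice@example.com", "dev-X", "failure"),
    ("2020-10-26T09:00:40", "alice@example.com", "dev-X", "failure"),
    ("2020-10-26T09:01:10", "alice@example.com", "dev-X", "failure"),
    ("2020-10-26T09:02:00", "alice@example.com", "dev-X", "failure"),
    ("2020-10-26T09:03:30", "alice@example.com", "dev-X", "failure"),
    ("2020-10-26T08:00:00", "bob@example.com", "dev-B", "failure"),
    ("2020-10-26T08:01:00", "bob@example.com", "dev-B", "failure"),
    ("2020-10-26T11:00:00", "bob@example.com", "dev-B", "failure"),
    ("2020-10-26T11:01:00", "bob@example.com", "dev-B", "failure"),
    ("2020-10-26T11:02:00", "bob@example.com", "dev-B", "failure"),
    ("2020-10-26T10:00:00", "carol@example.com", "dev-K", "success"),
    ("2020-10-26T10:02:00", "dave@example.com", "dev-K", "failure"),
    ("2020-10-26T10:04:00", "erin@example.com", "dev-K", "success"),
]

FAILED_THRESHOLD = 5            # assumed: failures per account inside the window
WINDOW = timedelta(minutes=10)  # assumed sliding-window length
DEVICE_ACCOUNT_THRESHOLD = 3    # assumed: distinct accounts per device inside the window

def detect(signins):
    """Return (accounts with a burst of failed sign-ins, devices used for many accounts)."""
    events = sorted(
        (datetime.fromisoformat(ts), acct, dev, res) for ts, acct, dev, res in signins
    )
    failures = defaultdict(list)   # account -> recent failure timestamps
    by_device = defaultdict(list)  # device -> recent (timestamp, account) pairs
    flagged_accounts, flagged_devices = set(), set()
    for ts, acct, dev, res in events:
        if res == "failure":
            # Keep only failures still inside the window, then add this one.
            failures[acct] = [t for t in failures[acct] if ts - t <= WINDOW] + [ts]
            if len(failures[acct]) >= FAILED_THRESHOLD:
                flagged_accounts.add(acct)
        # Track every sign-in per device, successful or not, inside the window.
        by_device[dev] = [(t, a) for t, a in by_device[dev] if ts - t <= WINDOW] + [(ts, acct)]
        if len({a for _, a in by_device[dev]}) >= DEVICE_ACCOUNT_THRESHOLD:
            flagged_devices.add(dev)
    return sorted(flagged_accounts), sorted(flagged_devices)

if __name__ == "__main__":
    print(detect(SAMPLE_SIGNINS))
```

In the sample, bob@example.com also has five failures, but they are spread over three hours, so only the burst against alice@example.com crosses the threshold.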

Review account privileges

When a cybercriminal manages to hijack an account, they’ll often try to escalate their access privileges to compromise sensitive data. Regularly reviewing Microsoft 365 permissions allows you to identify this problem early. With Microsoft 365’s built-in monitoring and auditing features, everything from access permission requests and approvals to administrative activities is logged and analysed in real time.

From there, you can review account restrictions and reconfigure access privileges to prevent misuse of company applications and data. For instance, you can program Microsoft 365 so that financial records can only be accessed by authorised accountants and executive managers. It also lets you decommission accounts that are no longer being used, so you can mitigate further damage to your organisation. 

Control access based on device and location

Another effective defence strategy against account takeover is to register devices in Microsoft Endpoint Manager. This allows you to track and establish company-wide policies from a centralised console. More precisely, you can limit access to Microsoft 365 accounts and data if employees are connected to unverified networks and locations.

Microsoft Endpoint Manager can also deny access to Microsoft 365 if devices aren’t secure enough. That means devices that don’t have anti-malware, encryption, and the latest security patches won’t have authorised access until they’re secured. By limiting access through these methods, cybercriminals won’t be able to remotely infiltrate company accounts.  

Train staff on security best practices

Cybercriminals evade powerful security measures by exploiting a company’s weakest link: its employees. They research their target across open databases and social media to look for names, addresses, and other identifying information. Cybercriminals then use this information to either answer password reset questions or, in most cases, create personalised and deceptive phishing scams. 

In fact, recent phishing emails reference a victim’s workplace and include a malicious link that leads to a fake Microsoft 365 login screen. Any information entered on this page is directly sent to the scammer, giving them unfettered access to company accounts. 

With regular security training, your business can avoid such an outcome. This involves teaching employees to develop good password habits, watch what they share online, and be critical of every email and website. Password policies should encourage staff to set a sequence of at least 12 letters, numbers, and symbols that’s unique to their Microsoft account. Conducting phishing simulations is also a great way to test your employees’ security awareness and help them identify the latest phishing scams.

If you need professional assistance with safeguarding Microsoft 365 accounts and training your users, look no further than Empower IT.  As Australia’s leading managed IT services provider, we offer well-rounded cybersecurity solutions and services customised to your needs. Get in touch with our experts today to protect your systems from account takeover.
