For someone who interacts with managed service providers daily, I am often asked to highlight the differences between our Office 365 security app Octiga and a SIEM that provides similar functionality OR a Microsoft native tool such as Secure Score. I thought, why not create an informative piece for our users who wish to understand Octiga services better?

Over the last two decades, the M365 service capabilities have developed rapidly and have evolved into a more complex version. In addition, the Security & Compliance Centre has rapidly expanded in response to the rising sophisticated attacks. Office 365 user numbers have reached approximately a whopping 345 million," broadly aligning with the 17% y-o-y increase in commercial revenue.

Despite the tight security services provided by Microsoft, we know how frequently SMEs' Office 365 is breached, either intentionally by hackers or inadvertently by carelessness. In such a scenario, it makes us wonder, can we fully trust Microsoft to protect us from mal actors in 2022?? The simple answer is yes. The complicated answer is: Microsoft is as secure as WE configure it. Does that make you uneasy?

In 2005, a new market emerged when Gartner coined the term "SIEM" OR Security and Information Event Management. Back then, it was a legacy system aggregating event data produced by security devices, systems, network infrastructures and applications. However, it lacked monitoring functionality and was limited to vertical scalability.

The standard shipping container is the unsung hero of the modern world! More on that later…

This is the second blog in a multi part series helping admins, service providers, consultants and security admins to check and achieve a level of security control in Office 365. Part 1 of this series covered the basic PowerShell commands for Authentication through CIS, here we will talk about ‘Audit’.

Microsoft engineers shared that 99.9% of compromised accounts forgot to turn on MFA. Despite so many warnings and proof of the efficacy of MFA, an M365 security report by Coreview reveals that 78% of M365 administrators do not have MFA activated. Isn't that crazy? It's not always perfect (phishing, social engineering and password brute-force attacks, device theft etc.); nevertheless, it is clearly better than not having it. However, if not implemented with care, it can create headaches for MSPs.

If we look at the industry report, the Managed Services Market is forecast to touch USD 557.10 billion by 2028. It has become a mature business now, however the customers' needs are highly complex when compared to traditional businesses. MSP Business opportunity/challenges can be complex to navigate, often involving multiple external market forces, internal drivers, organisational and client-based frictions, resistance to scaling, and of course, both financial and opportunity costs.

Back in 2008, Microsoft added a new technology to PowerShell and named it Desired State Configuration or DSC. In essence, DSC is the framework that delivers and gives the user tools to maintain configuration. Desired State Configuration allows you to define your environment’s aspired state with a simple declarative syntax that has been added into the PowerShell script. It is then assigned to each target server in your environment.

Office 365 is central to your business needs and business continuity. However, it exposes a large (maybe even the largest) risk surface in your organisation. It is, therefore, crucial to secure it enough to mitigate this ever-present and continuous risk but keep it open enough to ensure as fluid a business as possible. Getting this balance right is difficult, and it can be hard to know where to start. Adopting a common security standard can be a great place.