As many organizations move to the cloud, CrowdStrike has noticed a significant increase in both opportunistic and targeted attacks against cloud resources, with a large number of these attacks targeting organizations’ Microsoft 365 (M365) infrastructure, often specifically around their business email service, or Exchange Online.

This is the second blog in a multi part series helping admins, service providers, consultants and security admins to check and achieve a level of security control in Office 365. Part 1 of this series covered the basic PowerShell commands for Authentication through CIS, here we will talk about ‘Audit’.

This blog is a continuation of our series on working with chatbots leveraging Microsoft Teams. In Part 1 of this series, we examined how to set up a chatbot within Microsoft Teams. In Part 2, we explored how to send rich notifications using Cards and use the Microsoft Graph API and the chatbot to proactively find and contact users within Microsoft Teams.

Microsoft 365 provides a powerful document management and collaboration platform. However, with so many applications available in the platform to store and share information internally and with external parties, such as partners, contractors and vendors, ensuring proper access and data security can be a challenge. In this blog we examine how to ensure secure file sharing in Microsoft 365 and Teams.

Microsoft engineers shared that 99.9% of compromised accounts forgot to turn on MFA. Despite so many warnings and proof of the efficacy of MFA, an M365 security report by Coreview reveals that 78% of M365 administrators do not have MFA activated. Isn't that crazy? It's not always perfect (phishing, social engineering and password brute-force attacks, device theft etc.); nevertheless, it is clearly better than not having it. However, if not implemented with care, it can create headaches for MSPs.

In January 2022, Microsoft announced that Excel 4.0 macros will be restricted by default, as a measure to protect customers against malware based on XLM 4.0 macros. As a more aggressive measure, on February 07, 2022, Microsoft announced that they will start blocking VBA macros for files downloaded from the internet.

If we look at the industry report, the Managed Services Market is forecast to touch USD 557.10 billion by 2028. It has become a mature business now, however the customers' needs are highly complex when compared to traditional businesses. MSP Business opportunity/challenges can be complex to navigate, often involving multiple external market forces, internal drivers, organisational and client-based frictions, resistance to scaling, and of course, both financial and opportunity costs.

Email messaging is the most widely used form of communication, whether in the business world or in our daily personal lives. And it is because of this reason that email communication is one of the most targeted areas by cybercriminals.

Your Microsoft 365 data is a prime target for ransomware. Attackers know that Microsoft 365 lives directly in the path of business-critical operations now more than ever. As highlighted by Mandiant – one of the industry's leading cyber security firms – this translates to “targeted threat groups investing a lot of time and money into understanding Office 365 and understanding how to attack it.”