Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Office 365

Top 7 Office 365 Security Best Practices (includes Actionable Tips)

Follow our best-practice recommendations for Office 365 security. These security recommendations would help you avoid common configuration errors and improve security posture to protect Office 365 against cyber attacks. Microsoft Exchange online is one of the many products in O365 offering. It is a cloud-based messaging solution consisting of an Exchange server.

You Can Run, But You Can't Hide: Detecting Malicious Office Documents

Malicious Microsoft Office documents are a popular vehicle for malware distribution. Malware families such as Emotet, IcedID, and Dridex use Office documents as their primary distribution mechanism. Several recent Emotet attacks used a novel approach to sending email baits and hosted the malicious documents in cloud apps to increase their success.

Dangerous Docs: Surge in Cloud-delivered Malicious Office Documents

The global pandemic caused an abrupt shift to remote work among enterprise knowledge workers, which in turn resulted in an increase in risky behavior. Attackers immediately tried to capitalize on the pandemic, with COVID-19-themed phishing emails, scams, and Trojans. At the same time, techniques used in more sophisticated cyberattacks continued to evolve.

O365 Phishing Attack Used Real-Time Validation against Active Directory

A phishing attack used real-time validation against an organization’s Active Directory in order to steal users’ Office 365 credentials. According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of the world’s Top 50 most innovative companies for 2019 on a Friday evening.

Netwrix Auditor for Exchange - Overview

Netwrix Auditor for Exchange simplifies IT auditing across your Exchange Online and on-premises Exchange environment and provides actionable audit data, all in one place. See who has access to what, monitor non-owner mailbox access events, and track Exchange configuration and permission changes, so you can prevent data breaches, prove IT compliance and ensure ongoing availability of email services.

Netwrix Auditor for SharePoint - Overview

Netwrix Auditor for SharePoint empowers you to reduce the exposure of sensitive data and detect suspicious user behavior and policy violations before they result in data leaks or business disruptions. Plus, its ready-to-use intelligence enables you to automate many of the compliance and security-related tasks that until now required hours to complete so you can meet the demands of your organization without constantly being overburdened.

Leaky O365 Links: Accidental Exposure in O365 Link Sharing

Did you know that the default “copy link” option in O365 personal accounts generates a public shared link with edit permissions? In this edition, we will cover how link sharing in O365 can lead to the accidental internal and public exposure of sensitive data.

ManageEngine launches M365 Security Plus, an exclusive security solution for Microsoft 365

Data is the cornerstone of most businesses. Companies handle a substantial amount of data every day, and just one data breach can result in compliance violations, lawsuits, and more, costing the company thousands of dollars. Here at ManageEngine, we believe that part of what makes a business successful is having an efficient security solution. Taking that one step further, we have designed the perfect security solution for Microsoft 365: M365 Security Plus.

How Egnyte and Microsoft Tackle Content Governance for Teams

I sometimes wish someone with gravitas had said, “There is no content without security.” That would have looked good coming from Churchill or Lincoln. But their lack of foresight about content services doesn’t diminish a very important fact, one that carries its own brand of import: the importance of security and governance for a company’s critical data.

Managing Content Sprawl in Microsoft 365

Sprawl happens when anyone and everyone can create a site or team, usually without oversight, planning, or any kind of formal training, resulting in dozens/hundreds of rarely used or abandoned sites and teams, a poorly-performing search experience, and your intellectual property (content and conversations) spread across multiple locations each with a maze of chats, files, and channels.