Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Office 365 is central to your business needs and business continuity. However, it exposes a large (maybe even the largest) risk surface in your organisation. It is, therefore, crucial to secure it enough to mitigate this ever-present and continuous risk but keep it open enough to ensure as fluid a business as possible. Getting this balance right is difficult, and it can be hard to know where to start. Adopting a common security standard can be a great place.

Most users are familiar with Microsoft Exchange Online only as an application for accessing their email inboxes. However, by default, all users also have access to a system called Exchange Online PowerShell. This feature, designed primarily to assist IT administrators, allows a user to programmatically perform actions on a Microsoft 365 (M365) tenant. The specific actions a user can perform depend entirely on the user’s assigned roles.

It has been a tough few months for Microsoft. After the SolarWinds/NOBELLIUM attacks, Microsoft Exchange customers were afflicted with a slew of vulnerabilities. In March 2021, the ProxyLogon vulnerability emerged, followed by an exploit that surfaced in April 2021 called NSA Meeting. In August 2021, Orange Tsai released a series of new vulnerabilities called ProxyOracle and ProxyShell, followed by the discovery of another Proxy flaw, dubbed ProxyToken.

Malicious Microsoft Office documents are a popular vehicle for malware distribution. Many malware families such as Emotet, IcedID, and Dridex abuse Office documents as their primary distribution mechanism. Attackers have long used phishing emails with malicious Microsoft Office documents, often hosted in popular cloud apps like Box and Amazon S3 to increase the chances of a successful lure. The techniques being used with Office documents are continuing to evolve.

The new normal of working remotely calls for solutions that are seamless, flexible, and secure. Most enterprises believe that they are well-equipped to address the evolving cybersecurity threats. However, when employees connect through a myriad of devices, most of the time the security is highly questionable. This is because either they do not use secure devices or lack critical security updates. With cyberattacks becoming highly sophisticated, a host of security challenges awaits for the enterprise!

I can’t tell you how many times I’ve been asked by customers if we can help them apply sensitivity labels at scale to data at rest in SharePoint Online. Unfortunately, I’ve had to tell them that there’s really only one option, and it’s not pretty. To date, there is no API that allow an end user to apply a sensitivity label directly to a file in a SharePoint Online site, so the only real option is to download the file locally, apply the label and then upload the file.