Protect your Office 365 account against password hacking

By enabling Multi Factor Authentication (MFA) on your Office 365 accounts you can reduce the chance of a hacker getting access to your data

Recently we have seen more instances of Office 365 passwords being compromised to either:

  • Trick the user into transferring money into the attackers account.

  • Data encrypted and held for ransom.

  • Extortion

Good password practises and passwords is essential, but having a multiple authentication before having access to your data is another step the attacker has to take to gain access. Attackers will most likely pick and easier target when they encounter this.

Multi-Factor Authentication for Office 365 is a feature that prevents access to your data and email unless on a trusted device or through a second authentication.

Other features are also available on your Office 365 tenancy including: Azure AD integration, password policies and self service password reset

mr_robot-copy.gif


Security - Largest data breaches of 2017

Now we are in 2018, its time to look back at 2017 and the exploits that have had the biggest impact:

last year was an eye opening study in real-world repercussions for cyber security lapses. Executive firings, stock drops and class action settlements were among the knock on effects of a data breach.

  • Uber – Massive data breach of 57 million accounts. CSO Joe Sullivan and his deputy Craig Clark both lost their jobs for their roles in maintaining poor security standards and unethical handling of the breach debacle.

  • Equifax – Data Breach impacted 147 million customers. Following the public disclosure of the breach, the credit bureau lost a staggering $4 billion in market cap! This is living proof that data breaches impact stock prices. The CSO, CEO and CIO all stepped down from their roles. This story shows that public backlash against security blunders is now reaching the boardroom.
  • Securities Exchange Commission – The SEC released information about a breach that occurred last year of its EDGAR financial disclosure system that could potentially put at risk stock trading information. SEC Chair Jay Clayton was brought up in front of a senate panel to explain.
  • Anthem – The fallout from a class action against Anthem was the biggest on data breach settlements record! Following the breach of 80 million patient records, Anthem had to shell out $115 million in settlements.
  • UK NHS – This incident didn’t just put jobs or money at risk, it also put lives at risk too. The WannaCry outbreak in March caused an interruption in 16 different hospitals across the UK.
  • Yahoo – Although this was reported in 2016, the fallout from the breach continued when Verizon managed to secure a $350 million discount in their acquisition of Yahoo. Good thing too as after the deal went through Verizon discovered the breach actually impacted 3 billion users, not the 1 billion originally disclosed by Yahoo.
  • Marissa Mayer – The Yahoo fallout also affected the bank balance of the former CEO of Yahoo. Verizon forced her out early due to the breach. The board clearly made an example out of their leading executive. Mayer lost a $2 million bonus and up to $12 million in stock compensation as a result of how the company handled its data during her tenure.

The days of pretending that data breaches don't matter to the business or to executive job security are quickly drawing to a close. This past year has shown how real the implications can be for business viability, for the job prospects of top brass in charge when lapses occur, and even for the personal finances of CEOs when it all goes south.

Trend Antivirus has been making some massive movements in this space and just came out on top of NSS Labs 2017 Breach Detection Report with a 100% score. Let us know how you can better protect your data and IT assets from exploits.