Many organisations have come to rely on Microsoft 365
Sources estimate that between 89% and 94% of organisations are using cloud in one form or another. Cloud has transformed IT environments, offering a range of incredible benefits.
Microsoft has been one of the leading providers of cloud platforms since launching its cloud computing platform, Azure, back in February 2010. In June 2011, Microsoft launched its Software-as-a-Service (SaaS), Microsoft 365. The biggest advantage of Microsoft 365 is that it’s managed and routinely upgraded by Microsoft themselves. This removes much of the maintenance burden and cost. Over the years since it was launched, adoption has rapidly increased to around 200 million monthly active users (circa 2019). Given that an estimated 1.2 billion people use Microsoft products, experts predict the adoption of Microsoft 365 will only continue to accelerate.
Cloud is a high value target for cyber criminals
Microsoft 365 consists of a number of SaaS applications, including email, which is our focus in this document. Whilst there are many benefits of organisations moving email applications to the cloud, most organisations are not naive to the risks of having their data processed and stored on infrastructure and software owned by a third party.
Cybersecurity has become a major consideration in recent years. Cyber criminals have become more sophisticated and elaborate in targeting high value data. If they can compromise an organisations Microsoft 365 environment, it provides a way in to harvest lots of valuable and sensitive data. They can learn how the company operates and identify new targets to exploit.
Identify organisations that can benefit from additional security layers
Microsoft fully recognise the cyber threats facing organisations using Microsoft 365. They acknowledge, for many organisations using Microsoft 365, their security and compliance posture is optimised when Microsoft’s security and compliance features are layered with security and compliance tools from specialist trusted third party vendors.
Cyber criminals use Microsoft 365 account-takeover attacks to learn how a company operates, how it uses email signatures and how it handles financial transactions. That’s why it is important to know when you are dealing with a compromised Microsoft 365 email account. But also how you can help your customers with the challenges of protecting the right cloud security.
Every organisation is unique. For some basic workplaces, turning on the security features that come with the native Microsoft 365 might suffice. However, for most organisations, a much more layered approach is required. The only way to determine this is by carrying out an assessment to understand the organisations current posture and risk. It is important to stress, that whilst no IT system is impenetrable, taking a multi-layered approach offers a much stronger security and compliance posture for an organisation.