OCTOBER 3, 2023 UNCATEGORISED

Improve your Office 365 Security Governance New

Office 365 security governance is critical. Modern IT systems are at the heart of any organisation. They carry all your critical data, from client information, work-in-progress, procedures, payroll, sales leads, the list goes on.

The information stored within these systems is so valuable that any loss of data may spell the end of an organisation. Like you protect your physical assets, your digital assets also needs to be protected.

Unfortunately with the move to the cloud, it is not uncommon to see that many of the traditional best-practice methods of risk reduction have not been adopted.

CatchBefore was built to help simplify the management of a number of key risk points for organisations. Our software provides a practical solution to address a number of the key security issues raised below.

Best Practice / Traditional IT Governance key-points

1. Access Controls. Access controls provides a method of enforcing rules around which users can access what data or systems. Restricting access to the minimum required reduces risk.
2. Privilege separation. Normal day-to-day activities should be undertaken as a regular user. Administrative functions should be undertaken on a separate, dedicated administrative accounts.
3. Protect user accounts. Password quality and management is critical to make sure user accounts are not compromised.
4. Monitor logs and systems for integrity. It is critical that access logs and systems are continuously monitored to ensure that a breach has not occurred, and that the security of your environment is preserved.
5. Monitor system configuration. The system is never stagnant. It is a moving object, and continuously changing. Unfortunately it is very easy to make a configuration mistake which may negatively impact the security of your organisation.
6. Backup your data. Human error, hardware failures, fires, power surges, software failures, malicious staff, external threat-actors. There are many ways in which your data could be lost. Having a complete and up to date backup system in place is critical for your risk management.
7. Utilise anti-malware/anti-virus software. Actively seeking out malicious software helps reduce risk. The sooner that an attack can be prevented, the sooner the risk can be limited and managed.
8. Monitor and manage server hardware health. Hardware does fail, and can have catastrophic consequences when it does. It is important to manage this risk by continuously monitoring server hardware, and keeping your server within its planned lifespan.
9. Server patch-management. The battle for security is forever ongoing. Attackers find exploits, and vendors provide ‘patches’ to their software to close these exploits. It is critical that software on your server is kept up to date with the latest patches.

Changes since moving to the cloud

Lets have a look at the list , with a perspective of having your data in the cloud:

1. Access Controls. This requirement still applies. In addition to having to worry about limiting access to those within your office, your data is now accessible globally.
2. Privilege separation. The concept of privileged access has been adopted in the move to the cloud. The risk of escalation via administrative privileges applies to 365 tenancies as well.
3. Protect user accounts. The exploitation of user accounts is as problematic as ever in the cloud. Attackers are busy trying to break in to accounts, and in many ways their efforts are helped by reducing the variances in software versions and platforms.
4. Monitor logs for system integrity. Access logs are still generated, however they may not be retained for as long as you have been accustomed to with onsite servers. These logs still provide important information about access to your data.
5. Monitor system configuration for faults. Many of the features with on-premise solutions are also available in the cloud. This means that the configuration options available are vast, and there is a need for regular monitoring for incorrect configuration that may lead to security vulnerabilities.
6. Backup your data. 365 does have some data-versioning capacity. The system does have a grace period before deleting data. Best practice suggests that you have independent backup, with a much longer retention. This will help minimise the risk of data loss due to accidental deletion, malicious removal, or other system failure.
7. Utilise anti-malware/anti-virus software. Although the server running security is no longer your responsibility, it is advisable to still ensure that your tenancy configuration settings are high, and that any devices that connect to your tenancy are secure (fully patched, and running security software).
8. Monitor and manage server hardware health. If you are no longer using an on-premises server, then you do not have to worry about this.
9. Server patch-management.If you are no longer using an on-premises server, then you do not have to worry about this. We should raise that it is still important to ensure that other devices that connect to your 365 tenancy are up to date with their patching.

Most of the IT security governance requirements still exist, even with the move to the cloud. We strongly suggest that all organisations take serious steps to minimise the risks associated with the management of their data.