Cybercriminals are among the few who welcomed the pandemic that struck the entire globe. The shift from people working in offices to working from home and connecting to the corporate networks remotely gave threat actors more opportunities to expose corporate network vulnerabilities and gaps in security.
As a result, many large organizations were victims of ransomware and phishing attacks that stole data or intellectual property. But small and medium businesses are far easier to target because hackers know these firms typically lack the technology, people and processes to block, identify and mitigate cyberattacks.
Focus on User Identities
To help our customers take on this challenge, Velosio produced a webinar, How to Protect Your Company from Cybersecurity Threats—In 2022 and Beyond, with Carolyn Norton, Director of Cloud Engineering and Operations for Velosio, as our IT security expert. As Norton discusses, cybercriminals focus on compromising user identities—by trying to access usernames and passwords to gain entry into business networks. In the last month of 2021, 83 million cyberattacks occurred against commercial enterprise customers using Azure Active Directory. 78% were the result of weak authentication where users relied on simple usernames and passwords.
Once hackers get in, they can use a compromised user account to access other user accounts, systems and data. If they happen to crack the identity of an executive or someone in IT, there’s no telling how many systems and sensitive data they might be able to infiltrate. Essentially, they can get the “keys to the kingdom.”
A common vector to steal user identities is e-mail. The user is tricked into opening an e-mail, clicking on an attachment or a link, and providing credentials, either intentionally or unintentionally. Attackers fool their victims by creating elaborate e-mails or websites to create a false sense of security and trust, which prompts the user to expose information the attacker can act upon.
Key Steps to Protect Your Digital Assets
To protect data and ensure your digital assets are not at risk, Norton recommends first assessing where you are at in your security journey to find opportunities to improve your security posture. Also realize that the assessment is not a one-time or even an annual event. The security landscape changes weekly, daily, and sometimes hourly. So deploy a methodology to constantly re-assess the latest threats and best practices to protect your assets.
As you begin to assess your security posture, Norton suggests breaking the process down into four phases:
- Where are you at today? By documenting what’s going on in your environment, you can create a baseline against which you can track your progress in the coming months and years.
- What can be done immediately to improve your security posture? You will never get to the finish line, but you want to always move in the right direction by deploying technologies that close your security gaps. (see sidebar for tips)
- What ongoing processes do you need to implement? Continuous, proactive risk management is mandatory—methodically review your major areas of risk, new threats, and opportunities to improve.
- What’s your plan if an attack occurs? Develop a remediation plan with procedures to prevent attacks from succeeding and limit the damages of any successful breaches.
All four phases should be reviewed periodically for possible changes. What works today may need to be replaced, or you may discover a vulnerability has been neglected.
7 Tips to Strengthen Your Security Posture
1. Deploy single sign-on to consolidate user logins and make credentials easier to secure and manage.
2. Make sure every user has multi-factor authentication turned on for accessing systems.
3. Implement a policy of least privilege access to limit which systems each user is authorized to access.
4. Manage user groups to adjust permissions as roles change or people leave the company.
5. Keep your software and hardware up-to-date—avoid running old versions.
6. Apply application and operating system patches regularly.
7. Rely on governance policies to properly tag, manage, store, archive and protect sensitive data.
The Importance of Getting The Initial Assessment Right
Norton emphasizes the importance of your initial assessment. Getting it right will set the stage for all the other phases to accomplish their objectives. The assessment begins with an analysis of your software licensing, which gives you an opportunity to right-size or add additional licensing that makes sense for security. Make sure what the organization is looking to do with those licenses is accurate. You may want to scale licenses up or down or change the license types.
Then look at how users are using the environment and rate your current identity security posture by reviewing the Microsoft Secure Score of your Active Directory. Are protections in place and being reviewed? Who is getting attacked? What malicious attachments, files or activities are occurring? Is data being exfiltrated out of your organization?
Help for Assessing Your Environment
If you need help in assessing the security posture of your IT infrastructure, Velosio can run an analysis of your environment to get a sense of what is going on, both on-premises and the in the cloud. We help you gain a full-picture view of your environment and determine the next best steps by measuring the risk to your digital assets and the likelihood of network assets being taken down. We also help you evaluate the consequences of losing important data or entire systems, and how long it will take for your organization to recover.
To learn more about protecting your IT environment, watch our webinar on-demand.
Protect Your Business – Schedule Your Free Security Assessment
To reduce your organization’s chance of being impacted by a security event you should schedule your free security assessment today.
Microsoft 365 Security and Licensing Assessment from Velosio:
- A 2-Hour Assessment of your security/licensing posture for your Microsoft/Office 365 tenant; includes reviewing findings and our recommendations.
- Security Score and Best Practices: Learn your security rating, user identity posture, and get best-practices advice.
- Recommendations: Learn how to improve your security with multi-factor authentication, email and tenant protection, anti-spam, malware/ransomware protection, and any licensing changes that would be to your benefit. Learn what you may be missing in M365 Tools.