How to protect Office 365 from coronavirus-themed threats

Microsoft's new Office 365 security defaults and OAuth 2.0 support will help meet new US government recommendations to thwart COVID-related attacks. Make sure they are properly implemented.


The National Cyber Awareness System, part of the US Cybersecurity and Infrastructure Security Agency (CISA), recently released an alert about Microsoft Office 365 with guidance and security recommendations for Microsoft's cloud service. The recommendations include adding multi-factor authentication (MFA) to both administrator and user accounts. You can add the static egress IPs of your offices as trusted locations so that users signing in from the office network are not prompted for MFA; keep that list short and accurate, because anyone who gains a foothold on a trusted network inherits the exemption. I have seen, though, that the minute you roll out Office 365 mailboxes, attackers start hammering them with brute-force and password-spraying attempts using harvested passwords, so MFA has to be enforced everywhere else.

Microsoft 365 security defaults

Microsoft has rolled out a concept of "security defaults" for Office 365. They are switched on automatically only for newly created tenants; an existing tenant does not get them retroactively, so an administrator has to enable them manually in Azure Active Directory (note that they cannot be combined with Conditional Access policies in the same tenant). These defaults, as described by Microsoft's Alex Weinert, include the following:

  • Requiring all users and admins to register for MFA.
  • Challenging users with MFA -- mostly when they show up on a new device or app, but more often for critical roles and tasks.
  • Disabling authentication from legacy authentication clients that can’t do MFA.
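To check that MFA enforcement, trusted office locations and the legacy-authentication block are actually working, the following script audits exported sign-in records for the three failure modes the recommendations are meant to close: legacy-protocol sign-ins that still succeed, successful sign-ins from outside the office that were never challenged for a second factor, and password-spray sources (one IP failing against many accounts). This is an added example, not code from the article or from Microsoft; it assumes the records use the field names of an Azure AD sign-in log export (userPrincipalName, ipAddress, clientAppUsed, status.errorCode, authenticationRequirement), and the office range and every log line below are constructed for the demo.

```python
"""Audit exported Azure AD sign-in records for the controls the CISA alert calls for.

Added example, not from the article. Field names mirror an Azure AD sign-in log
export (assumption); the office range and all records below are constructed.
"""
import ipaddress
from collections import defaultdict

# Assumed office egress range treated as a trusted location (no MFA prompt).
TRUSTED_OFFICE_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]

# Azure AD reports modern-auth capable clients under these two clientAppUsed
# values; anything else (IMAP4, POP3, Authenticated SMTP, "Other clients", ...)
# is a legacy protocol that cannot satisfy an MFA challenge.
MODERN_CLIENT_APPS = {"Browser", "Mobile Apps and Desktop clients"}

# AADSTS error codes for a wrong password (50126) or locked account (50053):
# the result a password-spraying client sees on almost every attempt.
PASSWORD_FAILURE_CODES = {50126, 50053}


def is_trusted_ip(ip: str) -> bool:
    """True when the source address falls inside a trusted office range."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_OFFICE_NETWORKS)


def is_legacy_auth(record: dict) -> bool:
    """Anything not reported as a modern client is a legacy protocol."""
    return record.get("clientAppUsed") not in MODERN_CLIENT_APPS


def succeeded(record: dict) -> bool:
    return record.get("status", {}).get("errorCode", 0) == 0


def legacy_auth_successes(records):
    """Legacy-protocol sign-ins that still succeed. With security defaults (or a
    Conditional Access policy blocking legacy auth) this list must be empty."""
    return [(r["userPrincipalName"], r["clientAppUsed"])
            for r in records if succeeded(r) and is_legacy_auth(r)]


def unchallenged_external_signins(records):
    """Successful modern-auth sign-ins from outside the office that were not
    challenged for a second factor. Legacy sign-ins are reported separately."""
    return [(r["userPrincipalName"], r["ipAddress"])
            for r in records
            if succeeded(r) and not is_legacy_auth(r)
            and not is_trusted_ip(r["ipAddress"])
            and r.get("authenticationRequirement") != "multiFactorAuthentication"]


def password_spray_sources(records, min_distinct_users=5):
    """Source IPs that produced password failures for many distinct accounts.
    One user failing repeatedly is a typo or a lockout; many users failing from
    one address is a spray with harvested or guessed passwords."""
    failed_users = defaultdict(set)
    for r in records:
        if r.get("status", {}).get("errorCode", 0) in PASSWORD_FAILURE_CODES:
            failed_users[r["ipAddress"]].add(r["userPrincipalName"])
    return {ip: sorted(users) for ip, users in failed_users.items()
            if len(users) >= min_distinct_users}


def audit(records):
    """Run all three checks over one export and return the findings."""
    return {
        "legacy_auth_successes": legacy_auth_successes(records),
        "unchallenged_external_signins": unchallenged_external_signins(records),
        "password_spray_sources": password_spray_sources(records),
    }


def _signin(upn, ip, app, code=0, auth="singleFactorAuthentication"):
    """Build one constructed sign-in record in the assumed export shape."""
    return {"userPrincipalName": upn, "ipAddress": ip, "clientAppUsed": app,
            "status": {"errorCode": code}, "authenticationRequirement": auth}


# Constructed sample export: a few normal sign-ins plus one spray from 192.0.2.55.
SAMPLE_SIGNINS = [
    _signin("alice@example.com", "203.0.113.10", "Browser"),   # office IP, trusted, no MFA needed
    _signin("bob@example.com", "198.51.100.7", "Browser",
            auth="multiFactorAuthentication"),                 # remote, MFA satisfied
    _signin("carol@example.com", "198.51.100.7",
            "Mobile Apps and Desktop clients"),                # remote, never challenged
    _signin("dave@example.com", "198.51.100.20", "Other clients"),  # legacy protocol still accepted
    _signin("alice@example.com", "203.0.113.10", "Browser", code=50126),  # one typo, not a spray
] + [
    _signin(f"user{i}@example.com", "192.0.2.55", "Other clients", code=50126)
    for i in range(6)                                          # six accounts, one IP: spray
]

if __name__ == "__main__":
    for finding, hits in audit(SAMPLE_SIGNINS).items():
        print(f"{finding}: {hits}")
```

Run against a real export, the first two lists should be empty once security defaults or the equivalent Conditional Access policies are in place; the spray check is the one that stays useful afterwards, because blocked legacy endpoints still record the failed attempts and show you who is knocking.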
