You must have had a long holiday, right? ❄️However, the holiday season might be over, but that doesn’t mean the celebrations must! With the new year in full swing, it’s time to make a fresh start and set new goals.
And the best way to kick off the new year is to ensure that your Office 365 enterprise is ready to take on whatever challenges and threats arise. Hence, in this special new year’s edition, we will explore the most popular Office 365 blogs of AdminDroid that made headlines and aided thousands of sysadmins.
Launch of the First Series Venture – Cybersecurity Awareness Month
Since October is cybersecurity awareness month, we initiated a series that provided 31 essential Microsoft 365 security best practices to prevent and protect the organization from cyber-attacks. Ultimately, it was a successful launch, and we received a lot of positive feedback from sysadmins saying these articles shed light and helped to protect their businesses.
Listing some of the most featured articles that might help you too in the future!
1. Restrict User Access to Azure AD Portal:
Microsoft has let every user access the Azure AD portal. Yes, you heard it right! 💢But the question is, do Office 365 users really need access to the Azure portal? IMO, it’s completely a red flag!
Even though having permission may seem like a minimal threat, it’s not what it seems. A hacker can gain all the details about the organization by exploiting any unprivileged user. Therefore, it is crucial to restrict user access to the Azure AD portal and prevent unnecessary data exposure.
2. Office 365 Offboarding Best Practices:
According to research, one out of every ten ex-employees have ongoing access to their company’s systems, even if they have been terminated. Isn’t this a potentially dangerous threat? Ignoring this situation will result in massive sensitive data disclosure, malicious attacks, and so forth!
Therefore, it’s time to get started and adhere to standard guidelines when an employee departs the company. So, in summary, administrators should implement the best Office 365 offboarding security practices and reduce significant threats.
3. Deploy Phishing-Resistant MFA and Safeguard Your User Accounts:
With Conditional Access policies, admins can require multi-factor authentication. Unfortunately, this will accept any type of multi-factor authentication the user registers. Consequently, this led to users using weak authentication methods such as SMS, phone calls, etc.
In response to the rise of MFA attacks and threats, Microsoft has added the ability to require different authentication methods for different circumstances. It has now classified four different authentication modes under grant control in Azure CA policies. They are:
- Basic multi-factor authentication.
- Passwordless multi-factor authentication.
- Phishing-resistant multi-factor authentication.
- Custom multi-factor authentication.
For example, responsibilities in your organization may range from basic-level workers (contingent staff) to design teams, development teams, highly privileged accounts, etc. With the updated “require multi-factor authentication strength” option available under grant control in CA policies, admins can differentiate among different MFA methods for different cases at once.
Check out this complete guide explaining how to use the newly released grant control in CA policies – use phishing-resistant MFA to implement stronger MFA authentication.
A Still Trending Technological Monster – ChatGPT:
No one would be there without knowing this latest social media buzz, chatGPT.🚀 Unlike mundane, pre-programmed responses, it comes in a human-speak conversational style. Whether you’re a tech enthusiast or looking for a solution to any erroneous codes, the chatGPT is sure to be a hit.
And with its constantly improving language generation capabilities, the chat GPT keeps getting better and better. So, I asked the AI-driven virtual assistant a few questions related to Office 365. Eventually, it brought out the answer I expected! 👏There is no doubt that this ChatGPT will be useful to all users, especially sysadmins.
Overall, we need to be intelligent enough to ask questions to an AI bot. Depending on how well we tailor the questions, an AI bot will provide clear and detailed answers.
In the below blog, you can read what it brought up in the questions I asked– The new chatGPT AI chatbot: a saviour for Microsoft 365 sysadmins.
Security is our Priority – Stay Alerted and Empower Office 365 Security
Microsoft 365 was subject to many threats throughout the year. And, with that, MFA fatigue and SIM-swapping attacks have been widespread since then. But what if I told you that there is a simple solution to them? Let’s see what measures need to be taken in order to ward off emerging serious threats.
1. MFA Fatigue Attacks:
MFA fatigue is a technique of constantly spamming the user with MFA push notifications for additional verification. By continuously spamming, attackers assume users will approve requests considering that they came from a reputable source.
Overall, MFA push notifications are the sole reason for MFA fatigue attacks. So, Microsoft introduced several ways to prevent your Office 365 organization from MFA Fatigue attacks. They are:
- Use number matching with push notification.
- MFA additional contexts for push notifications.
- Shows application name in the push and passwordless notification – Displays which application the user is attempting to sign in to.
- Show geographic location in the push and passwordless notification – Displays from where the request is attempted.
Follow the procedures outlined in this blog and stay vigilant against the rising multi-factor authentication attacks- Steps to safeguard from security flaws found in the MFA push notification method.
2. SIM Swapping Attacks:
SIM swapping is also known as the SIM hijacking method. Here, the hacker collects the victim’s personal information (email address, date of birth) and impersonates the victim, then contacts the mobile provider and convinces them to activate the victim’s number on the fraudster’s phone.
This might result in hackers bypassing MFA, stealing bank accounts, and gaining access to social media and other accounts.
Use strong MFA methods to defend your Microsoft 365 users from SIM swapping attacks – Here we have compiled a list of preventive measures you should take before your SIM gets hacked! 💢
3. Overcome Phishing and Spoofing Attacks with SPF, DKIM, and DMARC:
As every business relies on emails, hackers take advantage of this situation and run phishing campaigns against Office 365 mailboxes. So, we’re in the urging stage to adopt strong email authentication methods to avoid such attacks. And; topping the email authentication list are SPF, DKIM, and DMARC.
To make you understand everything in simpler terms, we’ve worked on an elaborately detailed guide to configure SPF, DKIM, and DMARC in your organization.
4. Secure a Compromised Microsoft 365 Account:
As an administrator, it is essential to stay vigilant and take proactive measures to prevent your organization’s Office 365 accounts from being compromised. Because a single hacked account can result in sensitive data breaches, open ways to attack vectors, cause reputational damage, etc.
So, we have put together a comprehensive guide covering information on ways to secure a compromised Microsoft 365 account.
📌Add this guide to your favorites now and defend user accounts from such account intrusions!
5. Temporary Access Pass – Way to the Passwordless Future:
Are you tired of being constantly threatened by password attacks? Going passwordless with Office 365 is the solution to all of your problems! Not only does it eliminate the need for complex and hard-to-remember passwords, but it also increases security among organizations.
A Temporary Access Pass is a multi-factor authentication mechanism. It is a time-limited passcode issued by an administrator to meet strong authentication requirements.
A Temporary Access Pass can be used in two different scenarios:
- TAP can be used to onboard other authentication methods like passwordless methods, FIDO2 or Windows Hello for Business.
- Additionally, TAP can be useful to users/admins who have lost their FIDO2 security key or their second-factor authentication app.
Make the switch to passwordless login with Office 365 today and say goodbye to the hassle of passwords!
Discover how you can implement TAP from scratch for a new user here – Enable passwordless authentication with temporary access pass.
Discover What’s new in Microsoft 365?
1. Disable User Creating New Azure AD Tenants:
Everyone might not be aware of this setting, but when Microsoft introduced the brand-new Azure AD user tenant management setting, there was a lot of buzz on social media. By default, Microsoft allows users to create Azure AD tenants and has set the default value to True.
However, allowing users to create their own tenants could open doors to potential security risks! So, as an admin, it’s critical to maintain control and security over your organization. Therefore, MS introduced a new toggle to manage user tenant creation.
So, it is suggested to disable user tenant creation in Azure AD and maintain better control over your organization’s cloud environment.
2. Exchange Online Basic Authentication Deprecation:
Uff and oh! The deprecation of Exchange Online Basic Authentication is the only topic that has been widely discussed by Microsoft. Now that the date has arrived! As of now (January 2023), all basic authentication protocols in Exchange Online are completely disabled.
So, if any of my fellow admins have not upgraded the scripts and applications to modern authentication, now is the time!
Follow the steps as suggested and upgrade to the latest modern authentication.
3. The Most Beneficial Feature in Microsoft Teams – Shared Channels:
Shared channels in Microsoft Teams have made communication with people inside and outside the organization a lot easier. These shared channels can organize work more efficiently and securely with external partners while also increasing transparency and visibility within your team. Eventually, this will reduce unnecessary team creation in an organization.
So, to enable external collaboration, turning on B2B Direct Connect is required.
Follow the steps below to enable external collaboration in Microsoft Teams. Don’t miss out on this valuable collaboration tool – start using shared channels today!
4. External User Types for CA Policies in Azure AD:
Specifying external user types while creating conditional access policies was a big boon for organizations. Because, previously while creating CA policies, admins can only include or exclude external users as a whole.
Now with the latest update, you can apply conditional access policies to different external user types, added through various collaboration methods. The classified types of external users are:
- B2B collaboration guest users (preview)
- B2B collaboration member users (preview)
- B2B direct connect users (preview)
- Local guest users (preview)
- Service provider users (preview)
- Other external users (preview)
Thus, organizations can enforce multiple Conditional Access policies by either including or excluding specific external user types.
Look at the below article that explains the different external user types briefly – External user types for CA policies in Azure AD.
To summarize, we’ve highlighted some of the most insightful Microsoft 365 articles to help you stay up to date on the latest features and best practices. We’re not stopping here! We’ll continue to provide you with the latest and greatest Office 365 updates in the future too.
Whether you’re a seasoned Office 365 pro or a newbie to the platform, these blogs offer valuable insights and will have you covered. So, as you gear up for the new year and all it has in store, be sure to bookmark this post, refer back to it regularly, and get the most out of Office 365.