I am deeply convinced that moving to the Cloud – for most companies – will increase their security dramatically – I would even go so far as to say that a secure future without leveraging the cloud is not possible anymore. However, it does not come “just for free”; you still need to know what you need and what you do.
Typically, the complexity for the customer is lower the higher you go up the stack. You obviously need to do more on Infrastructure as a Service than on Software as a Service, as the responsibility shifts.
So far, so good, but this morning I read an article on a study by CISA at the DHS in the US on Microsoft Office 365 Security Observations, which shows that a lot of partners actually weaken the Microsoft defaults when it comes to security. This is what they found:
- Multi-factor authentication for administrator accounts not enabled by default
- Mailbox auditing disabled
- Password sync enabled
- Authentication unsupported by legacy protocols
I basically disagree with the complaint that password sync is enabled. We never sync passwords, only salted hashes, and the sync allows us to support you with account protection; it might be the way to survive a ransomware attack.
But the rest… At least it is an interesting read.
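As an added illustration of how a tenant owner might check their own tenant for the mailbox-auditing and legacy-authentication findings in the list above (this is not code from the post or from CISA; it assumes the ExchangeOnlineManagement module is installed and the account has read-only Exchange admin rights, and it leaves the MFA-for-admins check aside because that lives in Entra ID rather than Exchange):

```powershell
# Added example, not from the post or the CISA report. Read-only check of an
# Exchange Online tenant for two of the findings above: mailbox auditing turned
# off, and basic (legacy) authentication still allowed. Assumes the
# ExchangeOnlineManagement module and View-Only Organization Management rights.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -ShowBanner:$false

$findings = @()

# 1. Mailbox auditing: the tenant-wide switch, then any mailbox opted out of it.
$org = Get-OrganizationConfig
if ($org.AuditDisabled) {
    $findings += "Mailbox auditing is disabled tenant-wide (AuditDisabled = True)."
}
$unaudited = Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Where-Object { -not $_.AuditEnabled }
foreach ($m in $unaudited) {
    $findings += "Mailbox auditing is off for $($m.UserPrincipalName)."
}

# 2. Legacy protocols: basic authentication stays allowed unless an
#    authentication policy turns it off, so a missing default policy is itself
#    a finding. Otherwise list every AllowBasicAuth* flag still set to True.
if (-not $org.DefaultAuthenticationPolicy) {
    $findings += "No default authentication policy: basic auth (IMAP, POP, SMTP AUTH, ...) is allowed."
} else {
    $policy = Get-AuthenticationPolicy -Identity $org.DefaultAuthenticationPolicy
    $basicAuthFlags = $policy.PSObject.Properties |
        Where-Object { $_.Name -like 'AllowBasicAuth*' -and $_.Value -eq $true }
    foreach ($flag in $basicAuthFlags) {
        $findings += "Default policy '$($policy.Name)' still allows $($flag.Name)."
    }
}

if ($findings.Count -eq 0) {
    Write-Output "No findings for mailbox auditing or legacy authentication."
} else {
    $findings | ForEach-Object { Write-Output "FINDING: $_" }
}

Disconnect-ExchangeOnline -Confirm:$false
```

Microsoft has since switched basic authentication off for most Exchange Online protocols (SMTP AUTH excepted), so today the policy check matters mainly for SMTP AUTH and for tenants that were granted exceptions.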
An interesting summary, but finally also showing that you always have to consider your complete threat landscape – I had to smile at the use of the old protocols, which you might still need.
But I also agree that any move from self-managed to managed services is in many cases more secure, simply due to the fact that a service provider can scale better.