CoreView released a new report showing that most Microsoft 365 admins have not enabled multi-factor authentication (MFA) to protect their accounts from unauthorized remote access and are not implementing other standard security measures. According to the study, 78% of Microsoft 365 administrators haven’t activated multi-factor authentication, while 97% of Microsoft 365 users do not use MFA.
This is a big security risk, especially when most workers are remote. IT teams should recognize this issue and address it in order to prevent cyberattacks and reinforce their organization’s security posture.
The SANS Institute states that 99% of data breaches could be prevented by using MFA, and Microsoft said in an August 2020 blog article that MFA is a very important measure for preventing unauthorized account access, explaining that 99.9% of account breaches may be averted by employing MFA.
The CoreView study also pointed out that 1% of Microsoft 365 administrators fail to use strong passwords, even though attackers are skilled at guessing passwords using automated brute force attacks. Even with strong passwords, there is no assurance that a breach will be avoided. A strong password offers no protection when a user falls victim to a phishing scam. When passwords are stolen, MFA provides protection and should prevent those passwords from being used to gain account access.
The CoreView M365 Application Security, Data Governance and Shadow IT Report showed that Microsoft 365 admins are granted excessive control and have access to high-value sensitive information. 57% of Microsoft 365 admins were found to have excessive permissions to access, change, and share business-critical data. Also, 36% of Microsoft 365 administrators are global administrators, who have complete control over their organization’s entire Microsoft 365 environment. 17% of Microsoft 365 admins are also Exchange admins and have access to the entire organization’s email accounts, including C-Suite accounts. If Microsoft 365 admin accounts are compromised, attackers could access the whole Microsoft 365 environment and the massive volumes of sensitive information it holds. The Microsoft 365 environment not only contains a large amount of readily monetized data; the accounts are also linked to other networks and can be used for a much wider attack on the company.
The study also revealed that organizations have invested heavily in productivity and operations applications that allow personnel to communicate, collaborate, and work more effectively. However, there has been an increase in shadow IT, particularly SaaS applications. SaaS apps are often used by employees without the IT department’s knowledge. Many of those SaaS apps lack proper security and allow preventable cyberattacks to happen.
At a fundamental level, malicious applications can siphon off critical information. Users may also be exposing sensitive organization data through these applications to compromised parties, putting organizations at substantial risk of a data breach. It’s critical that companies properly monitor these applications for potential security gaps.
Companies that move to Microsoft 365 frequently underestimate their security and governance responsibilities, wrongly believing that Microsoft 365 is protected by default and includes the protections required to avoid data breaches. Although Microsoft 365 can be safe, companies need to be proactive and make certain that security is addressed, that shadow IT is adequately monitored, and that adequate data governance is in place.