Tag Archives: #Office365

Why Do I Need Multi-Factor Authentication for My Cloud Services?

Security, , ,
Employee holding a smartphone while entering a multi-factor authentication code for his personal data.

Incorporating multi-factor authentication into your cloud services.

In the modern world, getting hacked and/or having your credentials stolen from a once-trusted service is like catching a cold. It may not happen to everyone every year, but it’s pretty darn common, and the environment moves too fast for anything to be guaranteed 100% hacker-proof. When it comes to user accounts, employee accountability, and keeping your proprietary data secure is worth the effort – especially when that effort is fairly quick, easy, and familiar for all users.

Multi-Factor and the Cloud

Multi-factor authentication is the padlock on the locked shed of your user and data security. Hackers buy and sell stolen login credentials and specialize in new ways to steal them. A password is only so secure, and even live anomaly detection systems are not perfect. The importance of security only increases as we move to the cloud – where data is available to any authorized user at any time – as part of the core principles of cloud service. Two-factor authentication takes that security one step further (or more) in ensuring that the real authorized human is on the other end of every login.

If you don’t have it now, you need to have these services on your business applications and systems to prevent your business from being the next cybersecurity breach in the news.

Office 365

If your team uses Office 365, you use your Microsoft password and login for everything which means being compromised just once can give access to all your work logins at once. This is one of the primary sources of internal wire fraud attacks.  A lot of time it occurs in this manner where once they have access to your email they email other employees requesting gift cards or to do a wire transfer.

Multi-factor, however, prevents hackers from being able to take the final step just to login. The need to have both the stolen login credentials and the victim’s personal phone at the same time makes this prospect nearly impossible -which is why there are scams where hackers will ask you to relay your multi-factor codes. Don’t do that.

VPN Connections

VPNs are Virtual Private Networks. If your business works with a VPN, then you have opened an internal network space so it is available for remote employees through a VPN login. If one internal user’s login is compromised, the entire virtual network and all your internal file systems may be put at risk.

Multi-factor authentication, however, requires that a live human in the company receive a text every time an account tries to log in. If it is their account and they weren’t trying to access the system, this throws an immediate red flag. Not only is the hacker unable to get past the login stage of their planned intrusion, but they might be more profoundly caught.

You can also use each un-initiated multi-factor text message as a trigger to change passwords company-wide, invalidating all previously stolen credentials on the spot.

Multi-Factor is a Modern Necessity Made Easy

Today, we need more than passwords to secure every account, and multi-factor authentication is a quick, easy solution to an ongoing challenge.

Whether it be office 365, VPN connections, or other cloud-based software, having multi-factor authentication prevents thieves from accessing your data because they are not going to have your cell phone. When you have your wallet stolen, you cancel credit cards to prevent them from falling into the wrong hands. Your phone is the modern wallet and today, you or a business can remotely wipe your phone if it is lost or stolen to keep your data from falling into the wrong hands.   Today, a person’s phone is the last key to gaining access to company data through multi-factor authentication.

Are you ready to incorporate multi-factor authentication into your cloud services? Are you ready to help your employees and infrastructure evolve beyond password security? So are we.

If you have not already implemented MFA on your line of business (LOB) software, give us a call and we can assist you in navigating these waters to protect your business.  Contact us here so we can review your current policies and look at ways to tighten your security so you’re not the next business target that we read about in the news.

I Have Office 365, Why Do I Need a Spam Filter?

Security, ,
Installing spam filter - Hands of a businessman typing on a laptop - showing spam emails.

Providing the best possible protection for your email data.

Email security is important for any organization in order to protect against data breaches, malware, and phishing attacks. Cybercriminals are constantly evolving their methods for exploiting vulnerabilities, and organizations need to ensure that their email security solutions are up to date in order to protect themselves.

Office 365 (O365) utilizes Microsoft’s Exchange Online Protection (EOP) as its built-in spam filter, but many organizations find that EOP does not provide the level of protection they need. In these cases, it is necessary to supplement EOP with a third-party spam filter in order to provide the best possible protection for email data.

Why the Office 365 Spam Filter Isn’t Enough

There are a number of reasons why a third-party spam filter may be necessary, even for organizations that already have O365. EOP is not always effective at blocking spam and phishing emails.  As a result, many organizations find that a significant percentage of spam and phishing emails still make it through EOP and into their inboxes. If you are using Office 365 and are relying on its security filters to provide adequate protection for your email data, you may want to consider supplementing it with a third-party spam filter. Doing so can help to ensure that your organization is better protected against the latest threats.

What Separates Spam Filters from Office 365?

A few key features separate third-party spam filters from Office 365’s EOP. Today, we will take a look at a few of the most important ones.

Artificial Intelligence

One of the most important features of any spam filter is its ability to utilize artificial intelligence (AI) in order to identify and block spam emails. AI-based spam filters are constantly learning and evolving, which means they are better able to keep up with the latest threats. EOP, on the other hand, relies on static rules that are not as effective at blocking new and sophisticated threats.

Email Continuity

Another important feature that separates spam filters from EOP is email continuity. This feature allows users to continue accessing their email even if the email server goes down. This is important because it can help to ensure that business operations are not interrupted in the event of an email outage. EOP does not offer this feature, which means that organizations that rely on it may experience disruptions in their email service if the cloud service goes down.

Data Loss Prevention (DLP) Content Policies

Another important difference between spam filters and EOP is the ability to create and enforce DLP content policies. DLP content policies help to ensure that sensitive information is not sent through email. This is important because it can help to prevent data breaches.

DKIM & SPF Email Authentication Protection

Spam filters also typically offer DKIM and SPF email authentication protection. This is important because it can help to ensure that emails are not spoofed. Spoofed emails are a common type of phishing attack, and they can be difficult to detect. By using a spam filter that offers DKIM and SPF protection, you can help to ensure that your organization is better protected against these types of attacks.

Zero-Day Protection to Stop Advanced Threats

Zero-day protection is another important feature that is offered by many spam filters. This type of protection helps to ensure that emails containing new and unknown threats are blocked. While Microsoft is able to detect and block some new threats, it is not always able to do so in a timely manner. This means that there is a window of opportunity for cybercriminals to exploit. By using a spam filter that offers zero-day protection, you can help to close this window and better protect your organization against new and unknown threats.

Searchable, Unalterable Messaging Archives for Easy Regulatory Compliance

Another important feature that is offered by many spam filters is the ability to archive email messages. This is important because it can help organizations to meet compliance requirements. Email messages that are archived can be easily searched and retrieved, which makes it easier for organizations to comply with regulations.

While many organizations may be under the impression that third-party spam filters will be a significant expense, the truth is that spam filters outside of Microsoft can be purchased for only a few dollars a month and can actually save organizations money in the long run.

Be sure to check back with us every week this month as we discuss other solutions to better protect your organization from cyber threats and provide better features and services that don’t break the bank. If want to learn more about our services and improve your cyber security strategy, contact us to take the next step.

What Are My Mailbox Size Concerns with Office 365?

How To, , , ,
Businessman and his administrator doing a routine check on their organization's computers - checking their Office 365 mailbox size.

Be sure your admin is checking your organization’s mailbox sizes regularly.

Microsoft Office 365 offers a variety of features to its users, but one feature that is often overlooked until it becomes a problem is mailbox size. Whether you are running a small business or a personal email account, having the right-sized mailbox is critical to ensure that email messages are delivered on time and without any issues.

Many people start using Office 365 with a small mailbox and then realize their mailbox has become too full. At that point, it cannot be easy to find out how to increase your mailbox size in Office 365.

So, what are your mailbox size concerns? Here we explore and explain some of the common questions around Microsoft Office 365 mailbox size.

How Do You Check Mailbox Size in Office 365?

Office 365 only offers a limited amount of storage space. However, the default size varies according to the subscription pack you choose and the type of mailbox. While some default sizes are 50GB, others are 100GB.

As you can see, it is a limited space that sooner, might not be able to serve your needs anymore. And that’s why it is good for your admin to regularly check the mailbox size to avoid issues like the inability to send and receive messages.

However, the Office 365 Admin Center does not provide any tools to manage mailbox sizes, including your own. Office 365 natively uses Microsoft Exchange Online, which allows you to manage user mailbox sizes.

To get the usage report from the Microsoft 365 Admin center, here’s how to go about it:

  • Go to Microsoft 365 Admin Center
  • Click on the Reports tab, then Usage and select Report
  • Go to Exchange, and there you get the Mailbox Usage

So, the Mailbox Usage report you get from the Admin Center will indicate the consumed storage space. Luckily, you can still access the real user mailbox size, shared mailbox size, and resource mailbox usage report via the Exchange Admin Center (EAC) or Exchange Online via the Other Exchange Reports in the left pane.

And this is how to view the actual Mailbox size report:

  • Login to Microsoft 365 Manager Plus.
  • Click the Reports tab.
  • Traverse to Exchange Online, then the mailbox Reports in the left window.
  • Within the Size Reports group, tap on Mailbox Size report.
Can I Increase My Office 365 Mailbox Size?

Yes, you can. Any user can increase their mailbox size in these two ways:

  • You can allot it an Exchange Online Plan 2 license to augment the storage limit from 50GB to 100GB.
  • Allow Exchange Online Archiving. You will get an extra 50GB of space, and with the auto-expanding archiving, you can get even unlimited space, but it’s contingent on your Microsoft 365 license.

Growing your mailbox to your maximum share isn’t the only way to make your mailbox space. Also, Exchange Online lets you use retention policies to keep or do away with data automatically, depending on the criteria you select.

There are also backup and archiving tools available online to decrease the data stored in your cloud. These tools allow you to preserve data discoverability and hinder the mailbox from congestion.

How does Archiving Operate?

There are two ways to archive:

  • By creating an archiving policy. The policy operates by retention, where the old data is automatically archived or depending on the retention tags your company allocates data.
  • Sending the items yourself (manually).

The plan you choose will determine how much storage space you have per mailbox and the other features you will receive. Each plan also allows archiving mailboxes, which hold emails that are no longer in daily use but still needed for reference.

Archiving is charged based on storage size, so it is good to look at cheaper plans if you’re not expecting your employees to need more space.

Conclusion

Office 365 is a very capable email server. Users with larger mailbox sizes may want to take a moment to consider their storage options with Office 365. Smaller mailbox sizes may be more than sufficient for their needs.

You can do most things on it on Exchange, such as auto-responders, archiving, and other capabilities. And Microsoft has found workarounds to make it possible for even those with mailboxes over the threshold. As long as you’re willing to be cautious about some of the issues surrounding this solution, your organization can use Office 365 and have mailboxes upwards of 25 GB.

Well, are you stuck with any network issues? Feel free to get in touch! We at SystemsNet are a reliable source for your network issues.

Why MFA is Important for Your Company’s Cybersecurity

Security, ,
Employee activating a multi-factor authentication using a mobile phone and a laptop.

Securing your information systems against cybercriminals.

It’s becoming increasingly challenging for individuals and businesses to secure their information systems against cybercriminals. Hackers are always trying to find ways of breaking into your data systems, and mere passwords may not be sufficient deterrence. To enhance your data security, there’s a need to add an extra layer of security, and this is where multi-factor authentication (MFA) comes into the picture.

What is Multi-Factor Authentication (MFA)?

Also referred to as 2-Factor Authentication (2FA), multi-factor authentication is a security system combining more than two forms of authentication to improve account security. With the MFA in place, credentials won’t be enough to allow access to your accounts.

When you activate the MFA on your device, account or website, the server will automatically require a second independent form of authentication to log you in successfully. Without this additional authentication, you won’t be able to access your account, website or device.

Importance of MFA on VPN connections to the office

VPNs provide a safe and secure environment for remote access to your internal on-premise applications, but they aren’t a silver bullet. If you’re providing users with just a password and username to access your VPN connections, you’re not completely immune to data breaches because those credentials can be stolen.

Here are reasons you need to activate MFA on your VPN connection:

  • Protection against credential theft: The MFA provides an additional layer of security when accessing your accounts, data and websites.
  • Provides visibility into all devices on the network: MFA sends authentication requirements to devices, so you can tell which devices are connected to the network.
  • Secure access to on-premises and cloud applications: With the MFA on, login credentials in the wrong hands won’t do much harm.
  • Help enforce granular access security policies: It’s a way of enforcing security policies – just ensure every user has MFA activated on their endpoints.
  • Achieve regulatory compliance: It’s a requirement to meet data security policies.
Importance of MFA on Office 365 logins

Hackers often fish for any loopholes to exploit and gain access to your data, and one potential place to find a loophole is your Office 365 account. Thankfully, Microsoft realized they needed to secure their Office 365 client accounts back in 2014, and made a provision for adding the MFA.

Here are some important benefits of adding MFA:

  • Increase security of user logins: When you activate the MFA, you’ll be required to acknowledge a phone call or text, message, or an app notification on your smartphone, so you can access Office 365 services. This means you won’t have to worry about your logins falling into the wrong hands, and someone using them to access your account. You will receive a notification when they attempt to log in, and know it’s time to change your logins.
  • Prevents phishing attacks: MFA helps you to know you’re logging into Office 365, and not a replica site designed to steal your sensitive data. If inputting your credentials doesn’t trigger a second authentication activity, then you know you’re about to fall victim to a phishing attempt.
  • Keeps track of all login activity: Multi-factor authentication can also help you keep track of all logins, so you can review them periodically to see if there’s abnormal activity. A notification of a failed login should be the first red flag you should look for when you’re ascertaining the security of your Office 365 account.

MFA is no longer a luxury today when cybercriminals are hell-bent on compromising your information systems and causing data breaches. A data breach can be a costly affair, requiring you to spend thousands of dollars to restore your systems. Be sure to set up MFA on all your accounts and VPNs to have an additional layer of security. At SystemsNet, we can help you implement MFA on your accounts and keep your data safe. Contact us today to handle all the installations.