We’re firm believers in using multi-factor authentication whenever possible (for more on what multi-factor or two-factor authentication is, read our article on the subject). Multi-factor authentication allows for extra protection to your accounts and should be use everywhere possible.
Recently we’ve seen more and more attempts by the bad guys out there to try and infiltrate Office 365 accounts. Once they get in, they make attempts to adjust mail flow rules as well as send out spear phishing attacks. Spear phishing attacks are more sophisticated type of phishing where the emails are targeted towards specific individuals, organizations, or business. They come from trusted email addresses (of hacked Office 365 accounts) so they’re more likely to be successful.
We are working to prevent these kind of attacks from causing any damage. We have setup reporting to notify us when an account has rules and preferences setup that would signify that something isn’t right. But one of the best ways to prevent this type of compromise is to enable multi-factor authentication on your Office 365 setup. We’re going to be working our way through our CompleteCare clients and having discussions about Multi-Factoring their Office 365 security setups, as it’s a bit complicated to setup and ensure it’s configured and enforced properly. Security is never easy, but this will make your Office 365 setup much more secure.
Interested in having Weston enable 2FA on your Office 365 setup? Contact us and we’ll discuss the next steps and come up with a game plan. If your environment is not managed by Weston and you’re looking to try it yourself, Microsoft has some directions on how to do it here. Be careful, however, as if not done right, you could lock yourself out of your account.