(October 2020) Now that Microsoft has ended support for Office 2010 effective October 13, 2020, customers are encouraged to begin migrating to Microsoft 365, the subscription-based version of the company’s venerable productivity suite. However, some organizations may be hesitant to make the transition due to lingering concerns about cloud security.
In Fugue’s 2020 State of Cloud Security survey, 92 percent of organizations said they are concerned that the rapid shift to remote work operations has made them vulnerable to a major cloud data breach. Respondents said they are concerned about maintaining the security of their cloud environments during the transition as remote employees begin using new services and applications.
While no system is entirely hack-proof, Microsoft 365 is backed by layers of formidable security, data protection, and compliance features. These features include multifactor authentication, mobile device management, advanced threat protection, data loss prevention, and encryption of data at rest and in transit. When properly configured and implemented, Microsoft 365 is one of the most secure application suites available to businesses and consumers.
Layered Protections
The cornerstone of Microsoft’s security effort is Microsoft 365 Defender. This suite of security solutions coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks. The suite’s components include:
· Defender for Endpoint, which provides near-real-time discovery of endpoint vulnerabilities, threats, and misconfigurations through continuous scanning. Built-in sensors allow you to detect vulnerabilities even when devices are not connected to the corporate network.
· Defender for Identity monitors and analyzes user activities and information across your network, creating a behavioral baseline for each user. It then identifies anomalies with adaptive built-in intelligence, giving you insights into suspicious activities and events.
· Defender for Office 365 helps protect against attacks hidden in email attachments and links and provides cutting-edge defenses against zero-day threats, ransomware, and other advanced malware. Rich reporting helps you identify high-risk and abnormal usage, security incidents, and evolving threats.
· Cloud App Security is a cloud access security broker (CASB) that enables users to securely access cloud resources, no matter where users are located or what device they are using. Additionally, it enables administrators to classify data so that it can be used and protected more efficiently.
Beyond the Defender suite, Microsoft 365 includes many other advanced security features. Automatic updates of essential antivirus, antimalware, and antispam software help ensure that users are protected against emerging threats. Online administration makes it easy for organizations to customize their settings for data access, permissions, and policies.
Access Controls
Microsoft has also made it extremely difficult for unauthorized individuals to gain access to your cloud data. Microsoft 365 operates on the principle of “zero standing access,” which means that nobody — not even Microsoft engineers — has default access privileges. When role-based access is granted after authentication through Azure Active Directory, it is on a “least-privilege” basis.
Physical access is also tightly controlled. The data centers housing Microsoft 365 servers are guarded and monitored around the clock, and feature layers of security such as biometric access controls, surveillance cameras, and steel perimeter fences. Furthermore, Microsoft does not disclose the specific locations of its data centers to the general public.
While the cloud does present unique security challenges, continuing to run unsupported software such as Office 2010 creates a far greater risk. When security weaknesses and technical flaws are no longer patched or fixed, older software can be exploited in many different ways. Microsoft 365 provides the tools, insights, and intelligence necessary to identify and mitigate the most advanced threats.
Mainstream Technologies has the experience and expertise to help guide your organization through a successful Microsoft 365 migration and properly secure the environment to mitigate threats. Contact us today for more information.
ABOUT MAINSTREAM TECHNOLOGIES
Since 1996, Mainstream Technologies (www.mainstream-tech.com) has established itself as one of the most respected technology companies in Arkansas with headquarters and data center facilities in Little Rock, and sales offices in Conway and Bentonville. Mainstream’s full range of technology services includes IT Management and Consulting, Custom Software Development, Cyber Security, and Data Center Services. Our team of experienced technology professionals serves public and private sector customers across the United States.
Jeff Pracht
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile