INSIDER THREAT SECURITY BLOG

Microsoft’s licensing can be a little confusing when it comes to figuring out exactly how many E5/E3 licenses you will need to actually leverage the security features associated with a given license. This blog is written with the assumption that you know what features you are interested in buying and/or at have a basic understanding of the O365 E3/E5 license suites security features. One of the main reasons I looked into this in the first place was to figure out how features which require …

Do you know what happens when you share a file via a Microsoft Team’s – Team Chat? That file is not just saved in the Teams chat but is also uploaded to either SharePoint or OneDrive depending if the chat was directly with another person or with a Team. In this blog, we will cover the locations that you can access shared files for future use. OneDrive: When sharing a file directly with another person using the Teams chat, the file you send is uploaded to both you and your target user’s …

This is what it looks like to create an access link, in this blog I will explain which settings affect what options are available on these link creation pages. SharePoint is all about collaboration and sharing, and in the SharePoint Online cloud, giving access to resources is a bit different than the traditional method of giving a user or group access to something. In SharePoint Online access is primarily controlled via Access Links which can b…

If you are a security analyst, engineer, admin, or otherwise responsible for protecting the personal and private data of employees and customers – the following 3 statistics should frighten you.  The frequency of insider threats incidents has increased by 47% in the past two years – the Ponemon Institute  Disgruntled employees rank in the top 5 contributors for insider data breaches according to Verizon. Somewhere between 20 and 30 mil…

Azure Information Protection (AIP) is Microsoft’s cloud-based solution for classifying and, optionally, protecting sensitive documents and emails in both cloud and on-prem environments. AIP is a powerful tool (that we’ve discussed before) that can automatically apply labels and encrypt files based on admin-defined rules, and even protect documents after they’ve left an organization’s network. Changes to AIP Administration AIP was released in 2016, however, the product received…

If you’re storing data in Amazon S3 (Simple Storage Service) buckets, it’s highly likely you’ve taken a look at Amazon Macie. If you’re new to the AWS ecosystem, Macie is a tool Amazon built to help S3 users discover, classify, and protect the sensitive data they store in their S3 instances. On a positive note, offering a tool like Macie is a good thing as Amazon S3 users have had their fair share of challenges keeping their buckets (and the data within them) out of harm’s way. The visibil…

Let’s face it – security professionals struggle to keep up with and defend their organizations against the wide variety of tactics, techniques, and procedures (TTPs) attackers can use to infiltrate networks, elude detection, compromise credentials, and escalate privileges on their way to compromising enterprise data. Correspondingly, there is an ever-increasing number of storage platforms and repositories available to house the data security professionals need to protect, both on-premises and…

Allowing legacy authentication to your SharePoint online tenant unnecessarily exposes it to a number of attacks and exploits that you can easily avoid by simply disabling legacy authentication to your tenant. Microsoft has made it clear that all roads lead to the cloud, and with that Azure Active Directory has become an even more critical piece as the identity provider to O365. Microsoft has introduced a number of security-focused features into its cloud platform over the last couple of years…

According to a study conducted by Mio, 91% of businesses use at least two messaging apps, of which slack and Microsoft Teams are present in 66% of the organizations surveyed. Teams adoption has been growing quickly due to its interoperability with the rest of the Office 365 suite which makes collaborating easier than ever. While collaboration is great, security is a major concern for organizations who are still considering the move to Teams from Slack, Skype, etc. The great double-edged sword…

SharePoint continues to remain one of the most popular content collaboration platforms (CCP) at the enterprise-level, continuing to grow in adoption year over year. This adoption shows not only growth in the expected area of SharePoint Online, but continued expansion in SharePoint On-Premises as well. As SharePoint continues to grow, one of the largest areas of concern is around the security of the platform. A well designed, maintained, and governed SharePoint farm is usually a very safe e…