The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an Alert providing recommendations related to Microsoft Office 365 (O365) deployments, which organizations can review to ensure their environments have been properly configured to protect, detect, and respond against potential attackers. CISA adds that since many organizations have recently migrated to cloud collaboration services, such as O365, and perhaps did so speedily, they may not have fully considered the security configurations of these platforms. Some of the recommended security configurations include enabling multi-factor authentication for administrator accounts (as well as for all users), disabling legacy protocol authentication when appropriate, and integrating logs with an existing SIEM tool. This Alert is an update to a previous CISA product, Microsoft Office 365 Security Observations, which was published in May 2019. Read the Alert at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!