21 May 2020
At the end of April, Microsoft CEO, Satya Nadella was quoted in the media saying his company had seen two years’ worth of digital transformation (DX) in two months, with massive demand for remote teamwork and learning, sales and customer service, and critical cloud infrastructure and security. This major change was one of the reasons why Microsoft’s January-March earnings and profits exceeded market expectations.
In the following weeks we took a good look at the 2020 Thales Data Threat Report that was compiled recently with the help of IDC Research. In their findings it was not surprising to see that DX is being used as a strategy by 43% of the companies in the report in order to disrupt the markets and sectors in which they participate.
Some of the key findings in the report are –
To access the 2020 Thales Data Threat Report Click Here.
Our team can assist businesses to apply transformational technology in the pursuit of new opportunities in a safe manner and help them to protect the data assets that are key to an organisation interacting with customers, gaining insights, and operating their business. For more information Click Here.
Read about our Cybersecurity Improvement Program.
In our last newsletter we wrote about some of the security challenges associated with popular video conferencing solutions. Zoom had attracted some negative commentary in the media; however, it’s good to see they have started acting on the CEO’s promise to improve security within 90 days by announcing the purchase of the security company Keybase, who build secure messaging and file sharing technologies.
Whilst we haven’t encountered this particular phishing campaign please be aware that there are reports of phishing emails in circulation pretending to be Microsoft Teams notifications. These emails attempt to take victims to fake landing pages that use language and imagery taken from Microsoft's Teams and 365 websites, giving these domains a realistic look. Once on a fake landing page, the user is asked to enter their credentials which are then harvested by the attackers.
To view recent articles on this issue -
threatpost.com: Microsoft Teams Impersonation Attacks Flood Inboxes.
www.bleepingcomputer.com: Convincing Microsoft 365 phishing uses fake Microsoft Teams alerts.
Contact Mike or Steve who are available to discuss our Teams security audit service.
The US national risk advisory body - Cybersecurity and Infrastructure Security Agency (CISA) - has issued an alert encouraging organisations to implement a cloud strategy aimed at protecting their infrastructure assets by defending against attacks related to their Microsoft 365 migration and better securing Microsoft 365 services. Specifically, CISA recommends in the alert that administrators should implement 6 mitigations and best practices. Further information here.
Having undertaken a number of Microsoft 365 security audits (view details of the service here) the key learnings and market observations we have noted are:
Read a case study or testimonials from our customers about our Microsoft 365 Security Audit.