Level up your Microsoft Office 365 Security

Last year, I had the opportunity to participate in a live session in French as official Varonis Speaker about Microsoft 365 Security (Varonis Elite member) at aOS Nice 2020 with Mickaël Lopes (Cyber Security Pre Sales Engineer @ Varonis). We are seeing an uptick in adversaries using a very tricky Man-in-the-Middle (MitM) attack to bypass MFA and breach Office 365 tenants (for example). So, during the session, we have shown how to level up your Microsoft 65 Security (Deep Dive – Microsoft Teams) with Varonis solution.

You can still rewatch the record (French) of the streamed session below or on Youtube:

Varonis allows to increase productivity, sustainably, reduces risk, and lowers your cost. The products automate time-consuming data management and protection tasks and extract valuable insights from your human-generated data (unstructured data).

Varonis reduces the risk in the following ways:

  • Data mistakenly exposed is identified and locked down safely, including sensitive and regulated content,
  • Sensitive data are identified with classification feature (based on Patterns and regular expressions),
  • Analytics, Compliance (GDPR, PCI..) and audit,
  • Access controls are much more restricted, employees have access to only what they need,
  • Data owners with knowledge of their data assets are in control, the right people review data access and group memberships,

  • Example: 32 users with passwords that never expire.

  • Every file and email (Microsoft Exchange and Office 365) touch is captured and analyzed,
  • All use is monitored,
  • Automatic baselines are created for every user, deviations are detected (abnormal behavior),
  • Abuse is detected and real-time alerts are triggered,

  • Example: Abnormal behavior – 17 MB of data sent to Gmail with Backup service account. This account is identified as Domain Admin.

  • Security: All actions are monitored (suspected Ransomware, Crypto tool utilization, Data leak, insider threats etc.)

Varonis’ cyber kill chain:


Security and Data Governance with Varonis: Blog post

Office 365 MitM attack and Varonis protection – Screenplay


Christopher GLEMOT

Data Management & Security Team Leader | Technical specialist around Data, Security, Backup, Disaster Recovery, Cloud, Governance, Virtualization and Storage | Veeam Vanguard 2016-20 & VMCE | Founder of ArmoricanCloud.com | Owner of original-network.com
Please follow and like us:
Advertisement

Leave a Reply

error

Enjoy this blog? Please spread the word :)