Historically, one of the challenges of Azure was trying to contain private traffic to resources such as platform-as-a-service (PaaS), Azure files, and Azure SQL. Customers envisioned having a cloud data center with services, and they strived for a vehicle to encapsulate the traffic as they would with a traditional data center.
In order to address security concerns, such as password spray attacks, Microsoft has announced it will end Basic Authentication support on Oct. 13, 2020 for certain protocols. From a risk assessment perspective, the services slated to be blocked as of March 2020 are ActiveSync, POP, IMAP, EWS, and Remote PowerShell.
Talking about the cloud as a solution no longer draws skepticism in the business world. With over 77 percent of businesses having at least one application or a portion of their infrastructure in the cloud, it is safe to say businesses are now comfortable with cloud technologies. Yet with the increased comfort level comes deeper discussion about what businesses can move to the cloud.
In light of the coronavirus disease 2019 (COVID-19), companies are looking for a means to offer employees the ability to work at home to maintain "social distancing." With employees hunkering down to remain healthy, Microsoft is helping companies by offering Office 365 E1 licenses for six months. This version of "free Teams licensing" provides unlimited chat, built-in group and one-on-one audio or video calling, 10 GB of team file storage, and 2 GB of personal file storage per user. You also get real-time collaboration with the Office web apps, including Word, Excel, PowerPoint, and OneNote.
Once the decision has been made to stage an Active Directory site in a cloud tenant, there are some core principles which should be noted.
Microsoft recently noted the findings of the "Organizational Security & Compliance Practices in Office 365," a 37-page report conducted by CollabTalk LLC and the Marriott School of Business at Brigham Young University. Key takeaways from this paper are:
With 2020 being around the corner, it is important to mindful of the vast wave of Microsoft products which are being end of life.
From a Microsoft Azure Active Directory perspective, there are two approaches to MFA:
1. A laser accurate approach specific to the application in the Azure blade using conditional access
2. A global approach managed through the “Multi-factor authentication” page via Office 365
Password complexity has been touted for some time to prevent identity theft. Especially in an Active Directory environment. Typical password complexity rules in Active Directory are:
Cybersecurity has become a frequently used term in business these days.
Whether you hear it in the news or in a meeting, most people are aware that businesses everywhere, and every size, are being targeted by cyber criminals. Just recently companies such as Equifax, Netflix, Sonic, and Yahoo! found their names in the headlines as the latest victims. However, the smaller companies that are also victims hardly get a mention even though they account for 43 percent of all incidents, which cost them an average of $879,582 in damages.
