How to Reduce Security Incidents When Using Microsoft Office 365
As Thailand and the rest of the world continue to rely more on digital communications and business, the need to be able to operate securely online is growing exponentially. Thailand is currently in 35th place out of 194 countries when it comes to cybersecurity.1 This placing could be improved once the introduction of the Thailand Personal Data Protection Act (PDPA) and Thailand Cyber Security Act (CSA) is fully complete. However, it’s important to recognize that the risks facing Thai companies is not diminishing; the threat landscape is likely to increase in severity and the impact will likewise become more pronounced.
The PDPA will take effect in May 2020, requiring organizations to comply with a strict set of regulations regarding the collection, use, and disclosure of personal data. Non-compliance will attract civil penalties and punitive damages up to twice the amount of actual damages. Criminal penalties could include imprisonment up to one year and fines of up to THB1 million.2
The Thailand Cyber Security Act goes hand-in-hand with the PDPA in that it covers the need to put cybersecurity measures in place to protect public and private sector databases.
Combined, these two new pieces of legislation are driving an increased focus in Thailand on making sure businesses have adequate cybersecurity in place.
Security and the move to the cloud
The cloud has levelled the playing field for many Thai businesses, making it easier for them to access enterprise-level solutions and increase the velocity of their operations. For most businesses, moving to the cloud has lived up to expectations, delivering greater productivity, flexibility, cost savings and agility.
Microsoft Office 365 is one of the most popular cloud-based business systems in the world. And with good reason; it offers users access to the full suite of Office products that they can access from any location. This means workers can be productive from anywhere as long as they have an internet connection. The subscription-based cost structure means companies pay for what they use rather than investing significant upfront capital in licenses that may go unused. Since it’s a cloud-based offer, users always have access to the latest version rather than having to manually upgrade when a new version becomes available.
Office 365 also comes with some built-in security features that may go beyond the rudimentary security capabilities of smaller companies, giving them a more secure environment than an on-premise solution.
However, using Office 365 could mean that some companies are losing visibility into and control over what they send to, store in, and receive from the cloud.
How to protect your data in the cloud with Microsoft Office 365
Organizations that rely solely on the native security features within Office 365 could potentially be leaving gaps in their cloud security. These vulnerabilities are highly attractive to cybercriminals and it’s no longer a matter of if a company is attacked, but when. Therefore, it’s essential that Thai organizations work with a trusted and experienced partner to secure their Office 365 environment.
Specifically, it’s important to have a cloud threat protection system that detects and analyzes malicious files and emails, preventing them from reaching users. It’s also crucial to carefully control cloud-sharing permissions.
Fujitsu Thailand has significant expertise in securing cloud environments, especially in protecting against account takeovers, ransomware attacks, and data loss:
1. Account takeovers
When organizations use the cloud, they depend on users keeping their credentials secure. This is because anyone with the right login details can access the company’s cloud-based systems. Cybercriminals can gain login credentials through phishing attacks, brute force attacks, or malware. Office 365 native security doesn’t provide visibility into whether a cloud-based account is being used by an authorized user or has been hacked.
2. Ransomware attacks
Ransomware encrypts all the data in an organization’s system, rendering it unusable. The attacker then demands a ransom payment to release the data. In some cases, the data is released on payment but, in others, the data remains permanently encrypted or corrupted. In most cases, once a company has paid the ransom, they become the victim of subsequent attacks because they have indicated that they’re prepared to pay.
When all of an organization’s data resides in the cloud, an effective ransomware attack can cripple the business.
3. Data loss
Using cloud apps makes communication fast and easy but it also means that corporate data resides outside the traditional, defensible corporate perimeter. This opens up a greater risk of that data being compromised. Given the new legislation in Thailand regarding protecting sensitive data, it’s more important than ever to prevent data loss from occurring, either by mistake or due to malicious activity.
How Fujitsu can help
The Fujitsu cloud security solution includes email security on the cloud that scans external email including content, attachments and links. It identifies malware, blocks user access to suspicious sites, and identifies attempts to impersonate legitimate users. This dramatically reduces the risk that a logged-in user is a cybercriminal. This means account takeovers and ransomware attacks are stopped in their tracks, while data loss is minimised by detecting and protecting sensitive information in outbound email.
The Fujitsu Cloud Access Security Broker (CASB) takes this a step further to give businesses visibility into all Office 365 application activity, assigning each user with a ThreatScore based on the riskiness of their behavior. This lets companies enforce policies via alerts, enhanced user authentication policies, and by quarantining or blocking users. In this way it can help detect and prevent the spread of ransomware.
The CASB also limits data loss by automatically detecting confidential content in apps such as email, OneDrive, SharePoint and Teams. It can then undo unsafe sharing actions, delete sensitive content that doesn’t belong in Office 365, block unsafe downloads and uploads, and quarantine sensitive content.
Fujitsu also provides multifactor authentication, which adds additional authentication methods such as a token code, fingerprint scan, or onetime passcode to ensure that attackers can’t access accounts even if they have the credentials.
Isolation lets users safely click on links and interact with websites in an isolated, secure, and disposable container, while endpoint protection uses advanced machine learning to detect polymorphic malware and block ransomware’s attempt to download encryption keys.
By working with Fujitsu, Thai organizations can gain all the benefits of Office 365 while protecting against security breaches and enhancing compliance with new and emerging privacy legislation.1https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2018-PDF-E.pdf