November 23, 2020

Volume X, Number 328

Advertisement

November 23, 2020

Subscribe to Latest Legal News and Analysis

US Department of Homeland Security Warns of Office 365 Security Risks

We have been discussing the abrupt roll-out of remote workforce capabilities both in this space (here and here) and in our recent webinar.   As companies raced to get employees up and running remotely, business continuity was the primary focus, while privacy and cybersecurity issues likely took a backseat.   The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert providing security advice for companies that may have rushed out Microsoft Office 365 (O365) deployments to support these remote work environments. 

CISA warns in this latest alert that it continues to see companies that have failed to implement the necessary security for the Office 365 implementation, and expresses concern that the hurried nature of the deployments may have led to important security configuration oversights that could be (and have been in the past) exploited by bad actors.

CISA says “In recent weeks, organizations have been forced to change their collaboration methods to support a full ‘work from home’ workforce… While the abrupt shift to work-from-home may necessitate rapid deployment of cloud collaboration services, such as O365, hasty deployment can lead to oversights in security configurations and undermine a sound O365-specific security strategy.  CISA continues to see instances where entities are not implementing best security practices in regard to their O365 implementation, resulting in increased vulnerability to adversary attacks.”

CISA encourages organizations to implement an organizational cloud strategy to protect their infrastructure assets by defending against attacks related to their O365 transition and better securing O365 services. Specifically, CISA recommends that administrators implement the following mitigations and best practices:

  • Use multi-factor authentication. This is the best mitigation technique to protect against credential theft for O365 administrators and users.

  • Protect Global Admins from compromise and use the principle of “Least Privilege.”

  • Enable unified audit logging in the Security and Compliance Center.

  • Enable Alerting capabilities.

  • Integrate with organizational security incident event management solutions.

  • Disable legacy email protocols, if not required, or limit their use to specific users.

Attacks on O365 environments as a result of oversights in cyber-hygiene can result in unauthorized access to company confidential information, trade secrets, and personal information triggering notification obligations under state data breach notification laws.  Keep your employees and your corporate information safe by securing your remote work environments.   And wash your hands.

©1994-2020 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.National Law Review, Volume X, Number 127
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Cynthia Larose, Privacy, Security, Attorney, Mintz Levin, Law Firm, electronic transactions lawyer
Member / Chair, Privacy & Cybersecurity Practice

Cynthia is a highly regarded authority in the privacy and security field and a Certified Information Privacy Professional (CIPP). She handles the full range of data security issues for companies of all sizes, from start-ups to major corporations. Cynthia is masterful at conducting privacy audits; crafting procedures to protect data; advising clients on state, federal, and international laws and regulations on information use and data security; helping organizations respond to breaches; and planning data transfers associated with corporate transactions. She is an in-...

617-348-1732
Advertisement
Advertisement