As users would typically work from within the company office and use applications hosted on local servers, these were largely effective. Data was safely contained within this secure environment.
Nowadays though, due to consumer demand for greater mobility, usability and flexibility, technology has evolved to rely increasingly on cloud services and mobile devices. The most popular of these is Office 365 which enables employees and businesses to be much more productive and collaborative.
But, now that the suite of office apps no longer resides on our networks and users can access them from anywhere, we no longer have the internal and external boundaries defined the firewall. We also don’t have the physical visibility of users gaining access. We now need security that protects access to the data itself, rather than firewalls around the systems upon which that data resides.
Most breaches involve compromised passwords
The problem is that the username and password access control we have been using is not an adequate security measure on its own. That has been proven time and time again by high profile breaches.
Verizon found in their 2017 Data Breach Investigations report that 81% of breaches involved compromised passwords. This is not surprising given the increase in phishing attacks and that people simplify, duplicate and often write-down passwords in order to remember them.
Office 365 phishing
Office 365 is the most widely attacked application. Phishing frequency within Office 365 is estimated to cost the average organisation 1.3 compromised accounts each month via unauthorised, third-party login using stolen credentials.
Business owners have a responsibility to keep data safe from unauthorised access so it’s vital to add another layer to help protect your Office 365 applications before granting access to the confidential data that is stored within the apps.
This can easily be accomplished with Duo’s Two-Factor Authentication (2FA) solution from Trilogy Technologies. With 2FA in place, user accounts are much better protected since access to data is not granted until an additional challenge has been satisfied via the DUO app on the user’s phone.
This is much more secure than SMS based 2FA codes. Remember the recent incident involving SMS authentication which affected Reddit?
Another key benefit of the DUO solution is that once it’s in place for Office 365, you can protect hundreds of other apps on premise and in the cloud at no additional cost!
By Trilogy Technologies.
