DHS CISA alert provides recommendations on securing Office 365 installs

Pierluigi Paganini May 04, 2020

The US DHS CISA agency issued a new alert that includes recommendations on how organizations should properly secure Microsoft Office 365 installs.

The current COVID-19 pandemic is pushing organizations to adopt a growing number of cloud-based services. For this reason, the DHS CISA published a new alert that provides recommendations to secure Office 365 deployments.

According to the agency, many organizations continue to deploy their infrastructure without implementing security best practices, exposing them to the risk of cyber attacks.

“Since October 2018, the Cybersecurity and Infrastructure Security Agency (CISA) has conducted several engagements with customers who have migrated to cloud-based collaboration solutions like O365. In recent weeks, organizations have been forced to change their collaboration methods to support a full “work from home” workforce.” reads the alert published by CISA.

“While the abrupt shift to work-from-home may necessitate rapid deployment of cloud collaboration services, such as O365, hasty deployment can lead to oversights in security configurations and undermine a sound O365-specific security strategy.”

The alert recommends the following configurations when deploying Office 365:

  • Enable multi-factor authentication for administrator accounts;
  • Assign Administrator roles using Role-based Access Control (RBAC);
  • Enable Unified Audit Log (UAL);
  • Enable multi-factor authentication for all users;
  • Disable legacy protocol authentication when appropriate;
  • Enable alerts for suspicious activity;
  • Incorporate Microsoft Secure Score;
  • Integrate Logs with your existing SIEM tool;
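
As an added example (not part of the CISA alert or of the original article), the following Python script shows how exported sign-in logs can be checked against three of the items above: MFA for administrator accounts, legacy protocol authentication, and alerting on suspicious activity. The field names follow the Azure AD sign-in log schema and are assumed here; the log records, account names and the `parse` and `audit` helpers are constructed for illustration.

```python
import json
from collections import defaultdict

# Assumption: records use Azure AD sign-in log field names (userPrincipalName,
# clientAppUsed, authenticationRequirement, status.errorCode).
# Assumption: any client other than these two is treated as a legacy protocol.
MODERN_CLIENTS = {"browser", "mobile apps and desktop clients"}

# Constructed sample export, one JSON record per line; not real tenant data.
SAMPLE_LOG = """
{"userPrincipalName": "admin@example.com", "clientAppUsed": "Browser", "authenticationRequirement": "singleFactorAuthentication", "status": {"errorCode": 0}}
{"userPrincipalName": "scanner@example.com", "clientAppUsed": "Authenticated SMTP", "authenticationRequirement": "singleFactorAuthentication", "status": {"errorCode": 0}}
{"userPrincipalName": "alice@example.com", "clientAppUsed": "IMAP4", "authenticationRequirement": "singleFactorAuthentication", "status": {"errorCode": 50126}}
{"userPrincipalName": "alice@example.com", "clientAppUsed": "IMAP4", "authenticationRequirement": "singleFactorAuthentication", "status": {"errorCode": 50126}}
not-json: truncated line from a broken export
{"userPrincipalName": "Admin2@example.com", "clientAppUsed": "POP3", "authenticationRequirement": "singleFactorAuthentication", "status": {"errorCode": 0}}
"""

def parse(text):
    """Yield sign-in records, skipping blank or malformed lines."""
    for line in text.splitlines():
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue

def audit(records, admin_upns):
    """Report legacy-protocol use and administrators signing in without MFA."""
    admins = {a.lower() for a in admin_upns}
    legacy_in_use = defaultdict(set)   # successful legacy sign-ins: dependencies to migrate
    legacy_failed = defaultdict(int)   # failed legacy attempts: candidates for an alert
    admins_without_mfa = set()
    for r in records:
        upn = str(r.get("userPrincipalName", "")).lower()
        client = r.get("clientAppUsed") or "unknown"
        succeeded = (r.get("status") or {}).get("errorCode") == 0
        if client.lower() not in MODERN_CLIENTS:
            if succeeded:
                legacy_in_use[upn].add(client)
            else:
                legacy_failed[upn] += 1
        if succeeded and upn in admins and r.get("authenticationRequirement") != "multiFactorAuthentication":
            admins_without_mfa.add(upn)
    return {
        "legacy_in_use": {u: sorted(c) for u, c in legacy_in_use.items()},
        "legacy_failed": dict(legacy_failed),
        "admins_without_mfa": sorted(admins_without_mfa),
    }
```

Calling `audit(parse(SAMPLE_LOG), ["admin@example.com", "admin2@example.com"])` separates accounts that still depend on legacy protocols, which must be migrated before those protocols are disabled, from accounts that only see failed legacy attempts.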

“CISA encourages organizations to implement an organizational cloud strategy to protect their infrastructure assets by defending against attacks related to their Office 365 transition and better securing O365 services,” continues the alert.

This is the second time that CISA has issued a similar alert; in May 2019, the agency issued another alert for organizations that were migrating to Microsoft Office 365 and, more generally, to cloud services.


Pierluigi Paganini

(SecurityAffairs – Office 365, CISA)
