Office 365 Security Risks 2018-01-12T10:10:34+00:00


Office 365 Security Risks and Concerns Include Data Leaks, Stealthy Admins, Unlimited Login Durations, Default Admin Mailbox, Unsanctioned Cloud Apps, Trial Conversion Loophole, Unmanaged Devices, Unprotected Channels and Compromised Credentials. Get Your Free Office 365 Security Score at US Cloud to See Where You Stand.

Data Leaks

Message security needs to go beyond hygiene, anti-malware, and spam filtering. Protecting business and personal information must be addressed. A data loss prevention (DLP) solution uses much more intelligence to warn or block your users from disclosing sensitive data. DLP policies can be applied based on regular expressions , keywords, data identifiers, or any combination of those.

Stealthy Admins

A vulnerability in Azure AD Connect software can automatically generate a stealthy admin account with full domain control in hybrid Office 365 deployments. Stealthy admins exist outside of protected groups and are less protected and less monitored than those within protected groups. Often these are innocently created through configuration errors, but that create a hidden risk for the network.

Unlimited Login Durations

Session timeouts are annoying, hurt productivity, and increase security. If somebody opens your computer and you are still logged into a web application they could have untethered access to your company’s network – a scenario that is becoming more prevalent with insider attacks.

Default Admin Mailbox

By default, when an account is created it is given admin mailbox. However, the admin account doesn’t need to receive mail, it only needs to administer the solution.

Unsanctioned Cloud Apps

Data could be exfiltrated from Office 365 to an unsanctioned cloud app (i.e. Dropbox).

Trial Conversion Leaks Data

When a free Office 365 account is created under a specific email address that is then later switched to a paid business subscription, administrators have to be careful that Microsoft does not confuse the two accounts or else there is a potential for sharing paid-subscription content with the trial account and the entire contents of a system admin’s OneDrive can be shared with the public.

Unmanaged Devices

User access to Office 365 from unmanaged devices outside of IT control could be used to exfiltrate data.

Unprotected Communications Channels

Without encrypted communication channels, users are susceptible to mail-sniffing, where their emails get leaked, as well as the potential for mail tampering if they suffer a man-in-the-middle attack.

Compromised Credentials

Passwords are often re-used, shared, stolen, and sometimes easily cracked. Once the credentials are compromised, access to the data within each of the Office 365 services is at risk for being accessed, exfiltrated, or even maliciously manipulated.