How to Secure Your Microsoft Cloud Estate from Phishing Emails

Written by Six Degrees on 8 February 2021 in Sponsored Article
Sponsored Article

Phishing emails are one of the most pernicious threats facing organisations today. If you’ve been leveraging Microsoft 365 and Azure to keep your users productive whilst working remotely, Six Degrees offers some steps you should take to secure your deployment and protect your organisation from phishing emails.

Phishing emails are one of the most significant cyber threats facing your organisation today. Designed to evade both technical and human defences, phishing emails will remain one of the main threat vectors that hackers use to deliver both ransomware and business email compromise (BEC) attacks in 2021.

What are phishing emails? Phishing emails are sent by cybercriminals, and they pretend to be from someone you trust like your bank or your local council. Their goal is to convince you to do something which they can use to their advantage, such as click on a link to a malicious website or provide login and other personal details.

Your organisation needs to know how to be better at defending against phishing emails. This includes training your people to identify them, implementing processes to deal with them, and hardening your infrastructure to reduce the chance of a phishing email becoming a launchpad for a ransomware or BEC attack.

Secure Your Microsoft Cloud Estate

If you’ve been leveraging Microsoft 365 and Azure to keep your users productive whilst working remotely, there is functionality available to you in these products that will secure your deployment and protect your organisation from phishing emails. Here are the top six, according to our cyber security experts.

  • Enable spam and virus filters. Ensure all filters are enabled and turned on to block and alert mode to ensure known malicious emails are detected and treated well before they are able to enter a user’s mailbox.
  • File type and file analysis. Enable or whitelist file extensions that are used by your organisation so that all others are blocked by default. If your organisation does not use macro-enabled xlsx documents, make sure they are blocked by default.
  • Sandboxing. Most cloud provider email scrubbing systems have the ability to open a suspected email within a segregated safe area to ensure there are no malicious files hidden within. Enabling this feature allows real-time analysis to be performed before it hits a user’s machine.
  • URL inspection. Most cloud providers have the ability to inspect any web links that are contained within the body of an email to determine if the destination is malicious. This is critical to protect against even the most diligent of users against watering hole attacks. Note: A watering hole attack works by identifying a website that's frequented by users within a targeted organisation, or even an entire sector. The website is then compromised to enable the distribution of malware.
  • Domain impersonation/similarity. Mail scrubbing services have an ability to compare the sender information name, domain etc. to known contacts your users deal with. Doman impersonation or similarity is detected as opposed to the user examining in close detail if the name is spelt wrong.
  • SPF/DKIM/DMARC configuration. Sender Policy Framework, Domain Keys Identified Mail and Domain-based Message Authentication, Reporting and Conformance are security controls built into the email infrastructure that confirm originating emails come from a registered server, are not altered or changed from destination and receiving servers, and upon failure of these control parameters can instruct what happens to the email itself.

By following these six configuration steps, you will go some way towards protecting your organisation from phishing emails and the malicious payloads they are designed to deliver. But there’s always more you can do. We’ve provided an additional six steps you can take in our new phishing infographic, which you can download for free from our website.

Secure Your Microsoft Cloud Estate

Microsoft 365 and Azure are keeping organisations running in 2021, giving people the tools they need to deliver essential services whilst working remotely. But this increased reliance on Microsoft cloud services has meant that hackers are targeting them more than ever before to launch ransomware and BEC attacks. As recent high-profile attacks have shown, the damage they can cause to organisations and their residents and citizens is significant.

To book a free Microsoft Cloud Security Assessment with one of our experts that will help you secure your Microsoft 365 and Azure deployments to protect your people and the communities you support, click here and fill out a simple form.

Share this page

Tags

Categories

Related Articles

Related Sponsored Articles

How digital is helping Defence Medical Services re-imagine HM Armed Forces healthcare
3 February 2021

Defence Medical Services (DMS) is pursuing ground-breaking digital, data and technology transformation which will revolutionise Tri-Service healthcare provision to over 135,000 Armed...

How Your Privacy Program is a Competitive Differentiator
29 January 2021

OneTrust presents the reasons why your organisation should invest in privacy management - and offers three easy tips for getting started 

Email security incidents happen every 12 hours – it’s time to close the gap in Microsoft 365
21 January 2021

The remote-first world has seen email being relied on more than ever as a core communication mechanism - but with 93% of IT leaders acknowledging a risk to sensitive data, what steps should be...

Are You Ready for the Future of Cyber Security?
15 January 2021

2020 was a cyber security wake up call for many organisations. Attempting to provide secure remote access and device flexibility quickly exposed the flaws in legacy systems and processes. As we...