Defend Against Next-Generation Threats, Without a Next-Generation Budget - OFFICE 365 SECURITY - Paladion
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
www.paladion.net OFFICE 365 SECURITY Defend Against Next-Generation Threats, Without a Next- Generation Budget Author: Rohit Kumar EVP & HEAD CLOUD SECURITY
02 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET Executive Summary Office 365 offers small and medium businesses (SMBs) a suite of beneficial tools. But Office 365’s benefits also make it a major target for cyber criminals. A single compromise can result in cyber criminals gaining access to the majority of an organization’s critical data. Knowing this, cyber criminals have launched many high-profile attacks in an attempt to compromise the Office 365 platform. Office 365’s considerable power, and considerable security concerns, have created a paradox. Office 365 is currently utilized—in whole or in part—by 91.4% of enterprises. However, only 22.3% of users have been migrated to the platform. Security concerns consistently rank as the first or second factor holding back a fuller Office 365 migration. In this whitepaper, we will explore the primary security concerns holding back Office 365 adoption, and how SMBs can solve them within resource limited environments.
03 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET
The Primary Challenges of
O365 Security
Microsoft deploys a multi-layered
security model designed to protect Office
365 data:
• A Physical Layer, that protects
their network’s hardware.
• A Logical Layer, that reduces
opportunities for human error.
• A Data Layer, that encrypts Office
365 data.
Microsoft has also created a compliant
platform that provides comprehensive All of our valuable information
user dashboards. goes to the cloud through Office
365, and—if I’m being
But there is only so much Microsoft can honest—our employees can be a
do. Microsoft cannot solve the following little too comfortable and careless
inherent problems. Office 365 users must when they use it. By partnering
find a way to solve them on their own. with Paladion’s Office 365
advanced security management,
we can take our Office 365
security out of our employee’s
hands, and into the hands of true
professionals.
- Chief Technology Officer
Financial Services Firm
04 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET Inherent Security Problems with Office 365 Office 365 is one of the most-deployed platforms in the world. This makes it a big target for cyber criminals. And because Office 365 is so easy and inexpensive to acquire, cyber criminals have an easy time downloading a copy, diving into its inner workings, and identifying exploits. Office 365’s popularity also creates problems of scale. According to Microsoft, approximately 1.2 billion individuals utilize Office products and services. Even with Microsoft’s substantial resources, it is impossible to provide fast, high-touch service to every account, and every user. in need at any given moment. The level of security and support offered by Microsoft also varies by a user’s Office 365 subscription level. Office 365 security controls are not all available to every subscription plan, and can vary between different Office 365 services, and different versions of each application. Finally, Microsoft cannot secure their platform against most organization’s biggest security threat: their own employees, including both malicious insider threats and employees making sub-optimal security decisions.
05 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET
Inherent Compliance Problems Inherent Control Problems
with Office 365 with Office 365
User errors also create compliance Office 365’s administrative dashboards
problems that Microsoft cannot work effectively. But they assume a
effectively control. Users mistakenly perfect level of deployment that few
believe that migrating their data—and organizations can establish in today’s
working within—a compliant platform is distributed work environment.
enough to achieve, and maintain, their
Office 365 is utilized across many
compliance. But user behavior, usage,
devices—on-premise, mobile,
and access are also critical elements that
BYOD—and the number off access
go beyond Microsoft’s responsibilities.
points grows every year. Few
To add to the challenge, compliance organizations have total visibility into
operates at uneven levels between how many devices are accessing their
different Office 365 applications. Certain Cloud, who is using those devices, and
Office 365 applications offer robust what those devices are up to.
compliance, others have gaps, some are
Even with a proper deployment—that
not covered by compliance features at all.
provides visibility into all devices and
Ultimately, compliance is a continuous deployments—the volume of users and
process, filled with significant ambiguity
Is MDR Right for data flowing through Office 365 for even
for most users, and Microsoft does not a mid-sized organization can overwhelm
Your Organization?
comprehensively guide their users most internal security teams’ ability to
through this challenge. monitor, control, and respond to it.
06 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET
The Top-Level Solution to Office 365’s Security
Compliance, and Control Deficiencies
Microsoft cannot solve these problems. The and process all incoming organizational
organizations who deploy Office 365 are data, from a near-unlimited number of
responsible to resolve them. For many devices, within a single centralized Big Data
organizations, the only way to solve these platform.
security problems is to work with a
third-party security provider who can “fill the Most important, effective third-party security
gaps” in the security, compliance, and providers understand security incidents are
control capabilities that Microsoft offers. inevitable within Office 365. They will thus
focus on detecting and responding to
The correct third-party service provider breaches within an Office 365 deployment.
will help:
Gartner predicts the share of organizations
• Security: They will offer a blanket protecting their Office 365 deployments via
level of security across your entire Office third-party security services is set to grow
365 deployment, that does not vary in substantially. According to Gartner, in 2016
coverage or effectiveness from only 15% of Office 365 deployments utilized
application-to-application. Will include: third-party security services to fill gaps in
dedicated, 24x7x365-ready security their cyber defense. By the end of this year,
personnel to respond in near-real-time to 2018, that number will rise to 40%. And by
security incidents, and monitoring of user 2020, Gartner predicts 50% of Office 365
behavior to protect against both intentional deployments will work with managed
and unintentional user threats. security providers to maintain security,
compliance, and control.
• Compliance: They will work
hand-in-hand with organizations to Relying on third-party managed security
evaluate their current compliance levels, to services are of particular importance to small
help them achieve and maintain compliance, and medium businesses who cannot afford to
and to return to compliance in the event of a “fill the gaps” in their Office 365 security via
security incident. internal SOC development.
• Control: They will utilize proprietary AI
platforms and Machine Learning to capture07 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET Finding the Right 3rd Party Security Provider to Secure Your Office 365 Deployment Small and medium businesses must begin seek external partnerships who can provide: Managed Detection beyond traditional signature-based detection that includes advanced analytics on a repeatable, scheduled basis. Managed Response that includes automated response actions based on predefined escalation workflows to accelerate threat investigation and remediation. Proprietary AI Platform that analyzes massive volumes of threat data and to automate and orchestrate a near real-time response. An AI-driven Managed Detection and Response (MDR) service must also provide protection at every step of a threat’s lifecycle to proactively defend against incoming attacks. Consider how Paladion’s MDR service offers full left-of-hack-to-right-of-hack defense, augmented by the custom-built AI platform AI.saac:
08 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET
Detection Phase
Threat Anticipation Security Monitoring
Protects against emerging threats. Goes beyond basic compliance-mandated
Continuously monitors global feeds, monitoring. Gain a deeper awareness of your
identifies your likely new threats, and business risks. Paladion’s 1,000+ global
proactively raises your defenses against cyber security experts give you 24/7
them. You gain both Tactical and Strategic monitoring, real-time alerts,
Threat Intel to learn which emerging threats log-management, compliance-ready
you can ignore, and which you must defend reporting, and monitoring of all cloud
against immediately. infrastructures and popular platforms (Azure,
AWS, O365)
AI.saac Advantage: Mines over 100 TB of
global threat data daily. Identifies emerging AI.saac Advantage: Constantly monitors the
global threats, correlates each threat’s impact risk level of your assets, users, and external IPs.
against your assets, and determines your most Reviews historical alerts via probabilistic models
likely threats. to ID assets and uncover deeper links between
alerts.
Threat Hunting
Finds threats lurking in your network.
Deploys four forms of analytics to find
attacks traditional cybersecurity misses:
Endpoint Threat Analytics, User Behavior
Analytics, Network Threat Analytics,
Application Threat Analytics.
AI.saac Advantage: Analyzes terabytes of
data in seconds. Deploys 550+ AI models and
use cases. Detects threats traditional security
misses within your endpoint, user, network, and
application data.09 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET
Response Phase
Incident Analysis Response Orchestration
Fully investigates your threats and define Orchestrates a rapid, coordinated, and
immediate incident mitigation steps. effective response to any incident you suffer.
Provides a birds-eye view of any unfolding Our unified, expert response will combine
incidents, traces your alerts from validation machine speed with human insight to
to investigation, and extends visibility produce a comprehensive, collaborative, and
beyond basic indicators of compromise to fully bespoke response plan tailored to your
quickly separate your false positives from unique organization and specific
your real incidents. compromise.
AI.saac Advantage: Removes irrelevant noise AI.saac Advantage: Centralizes and
and only flags likely incidents. Scores relevant data orchestrates incident response to reduce
to prioritize alerts, and automates attribution, attacker dwell time from weeks to under one
attack chain creation, and patient zero day. Incident responders make sure attackers
identification. don’t exploit the same vulnerability, and adapt
defenses so attackers cannot use the same TTP
Auto Containment again.
Respond to threats rapidly with our proprietary
AI platform, AI.saac’s, agile auto threat
containment. AI.saac can autonomously execute
playbooks to contain network and endpoint
threats while raising a ticket immediately, so
Incident Responders can analyze, evict the
attacker, and keep them out.
AI.saac Advantage: Deploys hundreds of
playbooks to automatically contain a threat. AI.saac
continuously learns (machine learning) to add new
playbooks and effectively contain a threat in
minutes.10 DEFEND AGAINST NEXT-GENERATION THREATS, WITHOUT A NEXT-GENERATION BUDGET
Learn How AI-Driven MDR Can Protect
Your Office 365 Deployment
To learn how you can avoid suffering
the next costly, headline-creating
breach, contact Paladion today and
inquire about bringing AI-driven MDR
to your Office 365 deployment.
As we saw these attacks increase, we
realized it was just a matter of time until
one of these attacks caused real
damage. Thankfully, we found
Paladion’s MDR for Office 365 security
service in time. We’ve seriously
upgraded our defense against email
attacks, at a fraction of the cost of
scaling up our internal defenses and
protecting our cloud services in-house.
- Chief Information Security Officer
Global Manufacturing Leader
ABOUT PALADION
Paladion is a global cyber defense company that provides Managed Detection and Response Services, DevOps Security, Cyber
Forensics, Incident Response, and more by tightly bundling its AI platform - AI.saac and advanced managed security services.
Paladion is consistently rated and recognized by leading independent analyst firms, and awarded by CRN, Asian Banker, Red
Herring, amongst others. For 17 years, Paladion has been actively managing cyber risk for over 700 customers from its five
AI-Driven SOCs placed across the globe.
WW Headquarters: 11480 Commerce Park Drive, Suite 210, Reston, VA 20191 USA. Ph: +1-703-956-9468
Bangalore: +91-80-42543444, Mumbai: +91-2233655151, Delhi: +91-9910301180, London: +44(0)2071487475, Dubai: +971-4-2595526,
Sharjah: +971-50-8344863, Doha: +974 33777866, Riyadh: +966(0)114725163, Muscat: +968 99383575, Kuala Lumpur: +60-3-7660-4988,
Bangkok: +66 23093650-51, Jalan Kedoya Raya: +62-8111664399.
sales@paladion.net | www.paladion.netYou can also read
