Automating IT Tasks to Get Your Business Through COVID-19
With the spread of the novel corona virus getting more serious each day, many companies are starting to put remote work and other business continuity planning measures in place to reduce spreading and increase employee safety. We hope that you’re taking personal precautions to protect the health of you and your family, such as washing your hands frequently, avoiding touching your face staying home if you are feeling sick, and avoiding large crowds. While personal health safety is the highest priority, it is also vital that companies take proper security precautions to protect their IT assets and environment as well.
One of the many unfortunate outcomes of a pandemic like corona virus is that hackers and criminals will take advantage of unsuspecting victims. Almost every business around the world is having to adjust to the new threats that this virus brings. As more employees are working remotely and business workflows adapt to business continuity plans and other workplace changes, IT teams need to stay on top of additional security risks and potential breaches. Many news reports are coming in that hackers and criminals are exploiting the virus for their own gain.
Criminals Capitalise on COVID 19
In this post we will go through a few of the ways Voleer’s IT task automations can help your team during this time.
Monitor Office 365 Accounts for Vulnerabilities
Office 365 has key security functionality like Advanced Threat Protection, Exchange Online Protection, Cloud App Security, and Threat Intelligence built in. That is a great start, but there’s more you should be doing to keep an eye on your Office 365 environment. Gartner estimates that 99% of security breaches come from user faults which means that it is vital for IT admins to monitor key data on their Office 365 accounts. This can be done manually, but the Voleer Office 365 Security Assessment makes it easy to see a snapshot of key information including:
· Compromised accounts from haveibeenpwned.com
· Accounts that don’t have multi-factor authentication (MFA) enabled
· Successful and failed logins by country
· The number of failed logins across accounts
· Accounts that haven’t changed their passwords in a certain period of time
You can go deeper into the report and see the individual users with these issues and take remedial action. For example, if your office is based in Australia and you have a user who has login attempts from Russia and Brazil in the last few days, you probably want to check whether the user was traveling. If not, then, you’ll want to secure the account and have the user change their passwords.
Another simple but important security setting is for your users to have MFA enabled. This helps secure their account by requiring confirmation of their new login through a SMS code, or authentication app. This is a simple step to secure an account but users might not know how to turn it on or think it will be a time consuming task. By generating a report listing the individual accounts that don’t have MFA enabled, you can walk them through setup and provide education on the importance of securing their account. Follow our remediation guides (link) to see what other actions you should take based off the information in this report.
Proactively Notify Users of Unusual Activity
Some activity on Office 365 could be viewed as suspicious but not enough for the IT team to actively check each time the action occurs. It would take too much time and resources, especially for companies with 100 users or more. To help address this issue and keep your company safe, Voleer has introduced Targeted Security Notifications. This IT task automation saves IT professionals time by checking recent unusual activity, asking users to verify and confirm that it matches up with their own actions. These notifications include:
· Compromised account information
· Successful login locations
· Granted account permissions
· Inbox rule activity
· Emails sent activity
· Devices associated with account
Voleer lets you set Targeted Security Notifications to run every 7 or 14 days, sending a summary of unusual activity to each user and prompting them to check if any of the information doesn’t match their own actions. By leveraging the user’s ability to check activity themselves, IT professionals can enhance security measures more efficiently.
With so many employees working remotely, there may be more “suspicious” activities than normal. It could also be difficult for IT departments to track and monitor their users when they themselves are working offsite.
Additional Security Templates
Voleer also has several other one-click automations that can help your IT team keep your business secure during these volatile times, including:
Office 365 GDPR Assessment - provides an overview of several security items (Information Rights Management Configuration, Mailbox Auditing, and more) in order to increase a tenant's GDPR compliance.
Microsoft Teams Assessment – performs an audit of Teams activity and notifies you of Teams channels with guest users, disabled owner accounts, and Teams sizes.
Azure VM Protection Assessment – creates a report on key Azure VMs focused on protection. Key information includes VMs with a public IP address, data and OS disk encryption, allowed and denied public ports, etc.
During a pandemic, it’s important for all of us to take the necessary precautions to keep both our health and our businesses safe. While Voleer can’t automate your hand washing, we can help you take care of your IT security. Create a Voleer account today to start utilizing your IT Toolbox to efficiently identify security threats and monitor potential them proactively.
