Virtualization Technology News and Information
VMblog Expert Interview: Hornetsecurity Talks Security and Microsoft 365


To dive into the topic of security threats and Microsoft 365, VMblog reached out to an industry expert, Andy Syrewicze, Technical Evangelist at Hornetsecurity.

VMblog:  What are the most common M365 threats today and how do I mitigate them?

Andy Syrewicze:  As we found in a recent survey we conducted on the nature of security threats with M365 we found that email security threats continue to be the most pervasive security threats targeting businesses today. The reason being here is that email attacks require a relatively low capability set to initiate, and they typically target the weakest link in your security posture, your end-users. Businesses today can best protect themselves by leveraging a third party security service for M365 that specializes in security and is independent from the vendor providing the collaboration software.

VMblog:  As a consumer of Microsoft 365, isn't Microsoft keeping me safe from security threats?

Syrewicze:  Actually no. Not by default. This is a common misconception in that many organizations believe that Microsoft handles security on their behalf. In fact Microsoft's shared responsibility model states that security and responsibility of data and identities falls on the end-customer. While Microsoft does supply some capabilities out of box to help address these concerns, it's up to the customer to implement them, license and deploy advanced security features, or work with a trusted 3rd party security vendor to help secure their business.

VMblog:  Wouldn't it be better for me to leverage the security services offered by Microsoft as opposed to a third party?

Syrewicze:  Some schools of thought look at it this way, yes. And, while Microsoft does offer some decent capabilities in their security suite, many of them are difficult and time consuming to implement and the licensing can be wildly complicated. There is also a concern amongst compliance experts in the community around the concept of vendor overdependence. Meaning, there is an inherent conflict of interest when it comes to using the same vendor for both security and productivity tools. That's like the factory owner also being the compliance inspector. Many organizations leverage an independent third party security vendor for objective monitoring and insight into their core security posture when leveraging cloud services such as Microsoft 365.

VMblog:  Microsoft is conducting regular backups of my data correct?

Syrewicze:  Like the security question above, this is also a common misconception. When it comes to backup and recovery, the share responsibility model from Microsoft also comes into play. While the M365 platform is great for data retention, it is NOT designed for backup and recovery. In fact, Microsoft's cloud SLAs actually state they recommend you leverage the services of 3rd party backup and recovery software to protect the data you place into M365.

VMblog:  In the event of an outage of Microsoft 365, are customers able to continue working with local resources on the endpoint?

Syrewicze:  This depends on your given setup, but even with proper planning there will be services that you're unable to access. For example, while your end-users will have access to previously delivered email, this won't help them actively use exchange online delivery services. A third party that provides business continuity services for M365, like Hornetsecurity can help bridge any gaps in an outage situation and allow your end-users to continue working.


Published Tuesday, July 19, 2022 7:30 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2022>