A recently published study evaluated 1.6 million Microsoft 365 users across three continents. CoreView found that 90% of organizations
had gaps in essential security protections. Managing Microsoft 365
(M365) is complicated. How can IT teams avoid management headaches, stay
100% compliant, and truly take control of their M365 instance?
To find out, CoreView experts reviewed the most common problems to
understand what companies are doing well and reveal gaps in IT
management strategies.
Research from the study reveals that many common security procedures are
not being followed 100% of the time. This leaves gaping holes in most
organizations' security defenses. While most companies have strong
documented security policies, the research uncovered that most aren't
being implemented consistently due to difficulties in reporting and
limited IT resources:
-
90% of companies had gaps across all four key areas studied -
Multi-Factor Authentication (MFA), Email Security, Password Policies,
and Failed Logins
-
87% of companies have MFA disabled for some or all their admins (which
are the most critical accounts to protect, due to their higher access
levels)
-
Only 17% of companies had strong password requirements that were being consistently followed.
Overall, nearly every organization is leaving the door open for
cybersecurity threats due to weak credentials, particularly for
administrator accounts.
In addition to security challenges, the study identified key areas for
improvement in managing Microsoft 365 licenses as well, such as:
-
The average company had 21.6% of their licenses unassigned or "sitting
on the shelf." Another 10.2% of licenses were inactive, for an average
of 31.9% unused licenses
-
In 17% of companies, the numbers were huge with over 10,000 licenses
unassigned or inactive! These cases represent big opportunities to
optimize license spend with better tools.
Overall, the study reveals that reporting challenges make security and
license management incredibly difficult, leading to unnecessary risks
and costs.
"The role of the IT professional is more important and complex than
ever. They need to stay in perfect compliance 100% of the time, all
while saving money and improving the end-user experience," said Shawn
Lankton, CEO of CoreView. "To overcome this challenge, IT professionals
require solutions that help automate compliance and delegate
responsibilities to ensure security and efficiency across the business."
View the full report here.