Presentation is loading. Please wait.

Presentation is loading. Please wait.

Office 365 Campaign Background & Overview

Published byWinifred Sanders Modified over 6 years ago

Similar presentations

Presentation on theme: "Office 365 Campaign Background & Overview"— Presentation transcript:

1 Office 365 Campaign Background & Overview

2 Background Office 365 has surpassed Salesforce.com as the most popular and used enterprise cloud service in the world – 70 Million users and growing (Q1 2017) since introduction in Oct 2010.  Most are making the O365 move to not have to pay for and manage hardware and resources in their own datacenter (No upgrades either, users are always using the latest version of the software).  “Analyzing usage of over 20,000 cloud services, we found that 58.4% of sensitive data in the cloud is stored in Microsoft Office documents. If we use sensitive information (e.g. business plans, medical records, financial forecasts, etc.) as a proxy for business-critical data, it’s clear that the dominant platform for working with this information remains Microsoft Office.” - Office 365 Adoption Rate, Stats, and Usage  O365 is under attack  71.4% of O365 deployed organizations have at least one compromised account each in month  57.1% of O365 deployed organizations have at least one insider threat each month  45.9% of O365 deployed organizations have a least one privileged user threat each month  The conclusion = O365 needs strong protection! 

3 SecureAuth Offers the Industry’s Strongest Identity-based Protection from Attackers 
Recent Wakefield Research study shows that 56% of corporate assets are protected by 2FA, which also means 44% are protected by password or nothing at all. (Good chance O365 is NOT protected by 2FA today)  While 2FA is largely commoditized, SecureAuth does offer nearly 30 different 2FA methods for a wide range of use cases and giving choice and flexibility to customers and their users  Here at SecureAuth, we’re worried that 2FA doesn’t provide enough protection and leave unsuspecting organizations with a false sense of security:  OTPs over SMS not recommended by NIST unless have phone fraud prevention capabilities  Knowledge-based Answers (KBAs) are easily phished or socially engineered (technically not Two-Factor Authentication if coupled with “password” – they are both something you know)  Hard tokens – difficult to use, expensive to maintain, most are moving away from these, but also worth mentioning that RSA tokens have been compromised in the past  Push-to-Accept – Users become conditioned to hit “Accept” even when not authenticating…“Just get that notification off my phone screen”. Def-con hackers describes how 6 out of 6 attempts (100%) where legitimate user falsely accepted a P2A verification even when they were not authenticating - Attackers will continually evolve, learning to bypass even more 2FA methods…hence why we developed something called Adaptive Authentication. 

4 Why Adaptive Authentication In Addition To MFA?
We recommend Adaptive Authentication in addition to Multi-Factor Authentication (MFA). It’s an additional safety net if determined attackers could get past MFA.  Providing multiple layered risk checks, it’s nearly impossible for attackers to slip past every check point. Even if an attacker has compromised, yet legitimate, credentials and can get around certain MFA methods, Adaptive Authentication risk checks from SecureAuth will identify threat and stop it.   The threat data collected via our multiple risk checks can be shared with the SIEM or SOC for correlation with other threat data to help pinpoint real threats in a sea of alerts and potential problems.  To help with user experience, if user passes multiple risk checks with no red flags, SecureAuth can grant them access without a disruptive MFA process (only require UN & PW) 

5 O365 has a Vulnerability  Many older desktop and 3rd party clients used to access O365 do not support Multi- Factor and Adaptive Authentication, meaning they rely solely on Username and Password. This is a problem because there are hundreds of millions of credentials available for sale on the dark web right now and how easily users can be phished out of their credentials.  Every authentication vendor has this same issue  Becomes even more problematic if is used in the authentication process (OTP sent via )  With O365 being used by so many users, the greater the chance that users use clients and create a vulnerability for their organization  SecureAuth is the first vendor to offer adaptive authentication in front O365 clients that previously could only accept password (Note: we do not offer all adaptive risk checks, your SEs know what checks we can and cannot do, save that conversation for a later date) 

6 Campaign Overview

7 CISO VP/Director of IT Security Architect Target Audience

8 Key Message Office 365 is the world’s most widely used enterprise cloud app with over with 85 Million users worldwide. This popularity makes Office365 a target for attackers  Traditional passwords and even basic two-factor authentication for O365 is not enough to protect from increasingly sophisticated cyberattacks SecureAuth offers the highest level of identity security for Office not only for new applications, but for older versions and third-party clients Only SecureAuth Adaptive Authentication for O365 combines multi-factor authentication with risk-analysis — including geo-location, device recognition, IP address threat service and phone fraud prevention — offering complete protection no matter how users access O365

9 Campaign Flow Week 1 Week 2 Week 3 Week 4 Week 5 Week 6 Week 7 Email 1
Guest Blog Social 1 Social 2 Social 3 All content for the Blog, s and Social series have been provided. Please refer to the folder for details

10 Other Externally Sharable Resources
Blog Post: Office 365 with Strong Authentication  Webinar Archive: Secure Access Control for Office 365 – presented by James Romer  eBook: Technical Best Practices Guide - SecureAuth for Office 365 (In the Folder) eBook: Access Control for Office Why passwords and two-factor authentication are not enough Video case study: ESCO uses SecureAuth to protect sensitive cloud data - and users love it!  Solution Brief Landing Page: or

11 Internal Resources Sales Slides (Included in the Folder)
Talking Points Doc (Included in the Folder)

12 Additional Social Recommendations
#O365 is more popular than ever with users - and attackers! Watch demo, learn how to stop them Please make sure to add a link to the DEMO Please include handle When possible, please The world’s biggest cloud app deserves the industry’s strongest identity security. How secure is your #Office365? New blog:  Please make sure to add a link to the BLOG Attacks on Microsoft cloud-based accounts are up 300% YOY - how safe is your #Office365? Read the eBook.  Please make sure to add a link to the eBook

Download ppt "Office 365 Campaign Background & Overview"

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
PRODUCT FOCUS 4/14/14 – 4/25/14 INTRODUCTION Our Product Focus for the next two weeks is Microsoft Office 365. Office 365 is Microsoft’s most successful.

PRODUCT FOCUS 4/14/14 – 4/25/14 INTRODUCTION Our Product Focus for the next two weeks is Microsoft Office 365. Office 365 is Microsoft’s most successful.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.

Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
Difference between External and Internal Server Monitoring.

Difference between External and Internal Server Monitoring.
BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.

BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.

1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
Securing the Cloud Authentication Perspective. Moving to the Cloud is like........ Moving your data from your own personal safe, to a safety deposit box.

Securing the Cloud Authentication Perspective. Moving to the Cloud is like Moving your data from your own personal safe, to a safety deposit box.
Implementing and Managing Azure Multi-factor Authentication

Implementing and Managing Azure Multi-factor Authentication
2 Factor & Multi Factor Authentication

2 Factor & Multi Factor Authentication
WHY VIDEO SURVELLIANCE

WHY VIDEO SURVELLIANCE
WHY VIDEO SURVELLIANCE

WHY VIDEO SURVELLIANCE
BUILD SECURE PRODUCTS AND SERVICES

BUILD SECURE PRODUCTS AND SERVICES
The time to address enterprise mobility is now

The time to address enterprise mobility is now
Deployment Planning Services

Deployment Planning Services
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.

Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
Enterprise Mobility Suite Technical and Business Briefing

Enterprise Mobility Suite Technical and Business Briefing

Similar presentations

Ads by Google