Interlink Cloud Blog

Your Office 365 data is critical to the success of your business.

Are you protecting it appropriately?
____________________________________________________________________

Modern Data Management & Backup Strategies

Interlink has seen many organizations fall behind in their data management and backup strategy – and thus incur risks. Organizations must look at not only data centers and endpoints, but also at their Office 365 data to ensure their environment is properly protected and mitigating risk. Microsoft Office 365 monthly active usage is continually growing across the world – and e-mail, calendar items, OneDrive, SharePoint, and Teams files cannot be overlooked for businesses to be adequately prepared for backup/recovery scenarios.

Microsoft provides native backup/recovery capabilities, though third-party solutions can offer extended data protection and granular recovery options - for SLA (Service Level Agreement) compliance and rapid recovery from deletion, corruption, or attack. Best practices for data protection include having multiple copies of your data (housed outside source and production environments), proper retention policies, and a data strategy that doesn’t solely rely on on-premises technology. Many organizations need to keep data longer for industry requirements, legal reasons, and to meet compliance or regulatory bodies. While retention policies are important, they do not substitute for a true backup which should capture configurations/settings/security/etc. that are focused beyond the content level.

We are seeing active hacker attacks every single day on our clients. According to the latest Microsoft Security Intelligence Report, phishing attack emails increased 250% between January and December of 2018 - emails which use malicious links and attachments to infect an organization. Have you been a victim? Would you know if you were? Most of the successful attacks are due to insufficient security tools, monitoring, and lack of training. None of our clients are in the IT or security monitoring business. Their internal team may be experts at IT for their organization, but likely lack the background and training in security management. A managed security services contract can help save your business time and money – and let you focus on what you do best.

All the Cloud Controls You Have Been Waiting For

When company credentials have been compromised, all corporate data is instantly at risk. Hackers only need one victim to begin to access an entire organization – do you have a plan in place to prepare, detect or stop the threat before it’s too late?

Account compromise and credential harvesting attacks are occurring at alarming rates. In the event of a successful account compromise, time is crucial and the ability to respond quickly can significantly decrease the damage to your organization. Incident response teams should have a clear understanding of the steps involved in remediating unauthorized access events.  These steps should be clear and concise to avoid confusion and delayed containment. Microsoft helps with these steps by providing one single tool that covers many of the core incident response tasks.

You may have noticed that there are currently four Microsoft products with “Advanced Threat Protection” in their name:

1. Azure Advanced Threat Protection
2. Office 365 Advanced Threat Protection
3. Windows Defender Advanced Threat Protection
4. SQL Advanced Threat Protection

While each of these solutions offers value to its users, there’s been some confusion around the similar naming of these products. Let’s clear up confusion by taking a closer look at each of these products and their features, benefits, and intended use cases.

Figuring out the best way to implement Single Sign-On (SSO) in a Microsoft cloud environment can be challenging given how the options have evolved over time, but it’s a key component of any successful Office 365 or Azure deployment. There are four main options on how you can configure SSO:

• Cloud-only passwords without SSO

• Password synchronization with SSO

• Pass-through Authentication with SSO

• Federated Identity (ADFS or 3^rd party)