Tag Archives: security

Warning: Office 365 SPAM – Phishing attack

DO NOT respond to any mails which ask for Urgent Upgrade. Here is a sample mail which I just received.

image

There is a link called UPGRADE NOW.
DO NOT CLICK ON THIS LINK.

This link leads to an authentic looking Office 365 login page. Needless to say, it is a fake page. This is called a Phishing attack.

image

DO NOT put your password there.
Just delete the mail permanently and do not think about it again.

I have already informed the relevant authorities in Microsoft. They will do the needful.

If you are in another country or region, you may not receive this particular type of mail. But in any case, do not trust any such mails. If you are an IT person, go to the Office 365 Admin page and check if there is a genuine need for license upgrade. If you are not an IT person, just alert your IT team.

Be safe!.

Security Neglect: Office 365 Worst Practices

Everyone is worried about putting corporate files, data and emails on the cloud – or Office 365. This worry continues after deploying Office 365. Paradoxically, the actual efforts put into maximizing Office 365 are inadequate. Of course, Microsoft data centers follow and often create new, global security standards. However, there is Security Neglect at the individual tenant (customer) level. Most do not even know that there is a Office 365 Secure Score. Find out more. Reading time 7 min.

Security Neglect - Secure score

Continue reading Security Neglect: Office 365 Worst Practices

Irritating = Extremely Useful – The “Enable Editing” button

Since Office 2013, you will often see a yellow bar at the top asking you to Enable Editing. Unless you press this button, you cannot type anything or format any content. This may sound irritating, but it is a very useful feature. It safeguards your interests.

enable editing

The reason is simple. Even today, many viruses travel through Office documents – as macros. These files arrive either through email, downloaded from Internet or copied from USB drives. In these cases, there is a great danger of the file infecting your PC. To prevent this from happening, these files are now opened in a special way. Here you can read the file but not edit it.

If you trust the source, you will have to click the Enable Editing button. Unless you want to edit it, don’t Enable Editing. Just read and take the required action.

Office 365 prevents confidential data leakage: Are you using it?

This is a brief article. I will cover it in more detail later. But this is just to inform all the readers that such a sophisticated facility exists within Office 365 and they should take advantage of it.

I have observed that although Office 365 is a popular product, all customers do not really notice, appreciate and utilize this powerful platform to the fullest extent.

One such feature is called Data Loss Prevention. It helps you control, monitor and prevent leakage of confidential data, customer privacy related information, financial data, etc. by any employee through Email. This feature is also being extended to SharePoint.

Exactly how to activate the feature and configure it is beyond the scope of this article. It is not even the intention of writing the article. Just understand what it does and if you find it useful and relevant to your business – make sure your IT team implements it.

What does DLP in Office 365 do?

In simple terms, it monitors every outgoing mail message and checks if any pre-defined restricted information is being sent outside your organization.

If it does find such a mail, it can either warn the user, capture the reason for sending it, prevent the user from sending it, forward it to a compliance officer, delete the mail, follow an approval process and so on.

You choose what is objectionable, sensitive, confidential or privacy related data. You create the rules and DLP follows it faithfully.

To make your life simpler, many ready-made rules are available. These rules are created as per stringent government and banking guidelines. You can start with a ready-to-use template and then refine it as needed.

In short, Try it, Assess it and Use it.

SharePoint – Part 3: Secure Document Sharing

You can learn how to decide WHO can do WHAT with the documents (or other content) which you have shared. If you are using OneDrive for Business, by default, all documents can only be viewed and edited by YOU – and nobody else.

This video contains SPS 2010 screenshots. However, the concepts are still the same as of Feb 2015.