CoreSecurity Reviewed By Microsoft MVP
Takes Top TechGenix Honors with Gold Star
Earlier this year 18 time Microsoft MVP Brien Posey took an in-depth look at CoreView’s CoreAdmin. Posey liked what he saw and gave the Office 365 management solution a gold star. Not only that, Posey wanted to see the next solution in CoreView’s CoreSuite – and went to work on CoreSecurity.
Posey is not just a Microsoft MVP, author and influential thought leader. He is an experienced IT professional, having served as CIO for a national hospital chain, and lead network engineer for the United States Department of Defense at Fort Knox.
As such, Posey understands the security challenges Office 365 administrators face, and the lack of solutions for Office 365-specific vulnerabilities. Posey put CoreSecurity to the test on his own tenant to learn how the solution makes his environment safe.
Email is the biggest area of attack and vulnerability, Posey argued in his CoreSecurity review. “Email is by far the most commonly exploited point of entry through which malicious software can enter an organization, so it makes sense to put a solution in place that can help you keep Exchange Online and the rest of the Office 365 platform secure,” Posey noted. Fortunately, CoreSecurity discovers poorly configured email accounts, and bad end user mailbox behavior.
Auditing is the only way to properly perform forensics on data breaches and malware attacks. It is also the only way to track how malware is spreading – by seeing exactly what actions a malware-infected user performs.
“CoreSecurity’s auditing functions were built around two different Microsoft APIs. This includes the Office 365 management API, used to collect Office user activity, and another API used to collect information about the Office 365 login process,” Posey explained. “(CoreSecurity) allows IT pros to create reports that go well beyond what is natively possible in Office 365… It is also worth noting that CoreSecurity retains logging data for longer than Microsoft does. By default, Microsoft retains standard Office 365 logging data for 90 days, and retains sign-in data for 30 days. In contrast, CoreSecurity retains this data for twelve months, and it is possible to retain logging data indefinitely.”
Auditing is core to stopping breaches and attacks. “One of the most compelling features in CoreSecurity’s Auditing section is its alerting mechanism. Like most of the other alerting mechanisms I have seen in other security products, the CoreSecurity Alert feature is based around trigger events and actions. The thing that makes this Alert engine different from others is that it can be configured with extreme granularity. In the Exchange section alone, there are over a thousand different types of event triggers that can be defined,” Posey said. “Even so, CoreSecurity’s intuitive GUI interface makes it easy to navigate the alert creation mechanism.”
Astonishing Analysis and Compliance
CoreSecurity has deep analytical capabilities that work with millions of collected data entities. What stood out for Posey is how this analysis drives compliance with security policies. “CoreSecurity allows you to create a series of checks that define what it means to be compliant. For example, you might check for impossible travel to atypical locations, mailboxes that have forwarding enabled, or perhaps sign-ins from infected devices. The Compliance Dashboard shows you at a glance whether or not everyone is compliant with a particular check,” Posey said. “If the software determines that not everyone is compliant with a particular item, then the item is flagged with a red X. You can then click on the item to see exactly which user is not compliant, and why. If, for example, a user was found to be forwarding all of their email to someone outside of the organization, the report would show which user was forwarding their messages, and who they were forwarding them to.”
Mr. Posey liked what he saw in CoreSecurity, giving it a score of 4.9 out of a possible 5 — which is another gold star review. “Microsoft Office 365 is a complex environment, with numerous configurable security settings. In contrast, many of Microsoft’s default security settings are inadequate. Most of the Office 365 breaches I have personally heard about were the direct result of security settings that were simply too lax. I think that CoreSecurity does an excellent job of helping organizations understand where potential vulnerabilities exist within their Office 365 configurations,” Posey said. “I was also impressed that the software doesn’t just point out areas in which security could be improved, it actually shows you which users are out of compliance, and what the user has done to result in their non-compliant state.”
See Firsthand what Posey saw in CoreView
Read the full CoreSecurity review for all the details.
You can see CoreSecurity for yourself by requesting a demo.
You can also learn the exact state of your O365 security with our free CoreView Office 365 Health Check that diagnoses all your Office 365 problems. Not ready for a full custom report? You can still take a look at a Health Check sample report.
Even better, Office 365 shops can now discover O365 critical tenant issues FREE CoreDiscovery, a new solution that includes a series of operational and security/compliance dashboards, as well as tracking of over 100 KPIs/metrics. Get details on the CoreDiscovery product page: https://www.coreview.com/corediscovery/ Get your free software at the CoreDiscovery sign up page: https://www.coreview.com/core-discovery-sign-up/