Apr 6 2020
Office 365 Business Continuity in the Tough New World of COVID-19
Business Continuity is an easy issue to ignore, until a disaster hits. In this case, the Coronavirus pandemic is slamming every corner of the earth – a disaster that affects all.
The key to physical survival is taking every precaution to avoid infection, and get proper care if you fall victim. The key to economic survival is keeping the business going – through business continuity.
Shops with Office 365 are already ahead of the business continuity game, and in fact, the software was designed to be catastrophe-proof, as Microsoft CEO Satya Nadella said at the O365 launch. “That’s why Microsoft has set a bold ambition to reinvent productivity and business process in this mobile-first, cloud-first world,” Nadella said. “By utilizing cloud technology Microsoft enabled businesses to do more, allowing them to provide a continuous level of service in-line with what their customers demanded,” Microsoft added.
How Microsoft Supports O365 Business Continuity
Because Office 365 runs in the cloud, it is not dependent on on-premises gear and applications that can fail. However, the O365 cloud service itself has to be up and running in order for your business to continue. With most SaaS solutions, including the bulk of Shadow IT apps, IT has to worry about the actual supplier, or cloud provider. What are they doing to insure continuity and data security?
In the case of O365, there is little to worry about – Microsoft is the supplier and takes great pains to insure safety and reliability. That is why Microsoft’s O365 SLA guarantees 99.9% availability.
Microsoft’s O365 service has physical redundancy as in extra servers and multiple network cards, as well as data redundancy through replication across multiple data centers. Meanwhile, Microsoft monitors O365 continuously for performance and operations, and quickly diagnoses any issues. Finally, there are human operators on call to handle any issues customers raise.
“Service continuity provisions are part of the Office 365 system design. These provisions enable Office 365 to recover quickly from unexpected events such as hardware or application failure, data corruption, or other incidents that affect users. These service continuity solutions also apply during catastrophic outages…” explained an article in TechNet.
Now that Office 365 itself is doing its part for business continuity, it is IT’s turn to pitch in. Just because Office 365 is running, does not mean it is fully supporting your company’s business continuity needs.
Here are some seven tips for Office 365 business continuity in the era of COVID-19.
1.Security is Business Continuity Job #1
Before Coronavirus, ransomware was a top hacker technique. Now it is getting worse, as cybercriminals pose as COVID-19-related charities and organizations enticing the unwitting into clicking malicious links. “Ransomware has rapidly emerged as the most visible cybersecurity risk playing out across our nation’s networks, locking up private sector organizations and government agencies alike. And that’s only what we’re seeing – many more infections are going unreported, ransoms are being paid, and the vicious ransomware cycle continues on,” as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) explained in a COVID-19-related bulletin. “We strongly urge you to consider ransomware infections as destructive attacks, not an event where you can simply pay off the bad guys and regain control of your network (do you really trust a cybercriminal?).”
Cybersecurity and Infrastructure Security Agency
Here is CISA’s ransomware advice:
- “Update and patch systems
- Make sure your security solutions are up to date
- Review and exercise your incident response plan
- Pay attention to ransomware events and apply lessons learned
- Practice good cyber hygiene; backup, update, whitelist apps, limit privilege, and use multifactor authentication
- Segment your networks; make it hard for the bad guy to move around and infect multiple systems”
How CoreView Tackles Ransomware and Malware
To deal with ransomware, you must:
- Implement strong password policy and MFA
- Limit granting of administrative access and privileges, and achieve network segmentation via Role-Based Access Control (RBAC)
- Perform audit-based forensics on how ransomware and other malware spread
Malware often gets through anti-virus/anti-malware defenses, especially zero day attacks. CoreView provides auditing tools for SaaS operations. CoreView shows you every single file accessed, and every single action taken by an administrator or a user since they had a security event on one of their devices. That is how we prevent malware like ransomware from going on, and on, and on, and on – spreading throughout the organization. We proactively see and report on what was touched and then do a deeper dive analysis on those actions.
By speeding up security audits and performing more efficient forensic analysis, IT quickly closes any security issues when they are identified. Finding the audit trail to identify these types of attacks is extremely difficult, and requires assistance from specialized tools that have powerful security auditing and analysis capabilities – like those offered by CoreView.
2.Control, Manage and Secure Remote Workers
Key Office 365 security best practices include strong password policies, multi-factor authentication, tight mailbox security, and file storage security. Proactively establishing best practices in these areas dramatically reduces security risks – especially in these times of increased remote work. Basic layered and defense in-depth security tools simply do not dig into Office 365 specific vulnerabilities and security problem areas.
Locking down end-user accounts through secure passwords and rigorous authentication is also essential. Multi-factor authentication (MFA) requires at least two forms of personal user identification and is recognized by the National Institute of Standards and Technology (NIST) guidelines for password security. The United States Department of Homeland Security now recommends that all Office 365 users implement MFA. Making MFA adoption easy, Microsoft offers tools such as Microsoft Authenticator for users to install on their smartphones, as well as Smartcards, to work in combination with pass worded logins. Multi-factor authentication is a surefire way to prevent unauthorized logins, and there is little excuse not to use it.
Meanwhile, monitoring employee activities such as their mailbox practices can identify risky behavior and proactively secure business-critical data. Preventing risky activities such as auto-forwarding to external email addresses and limiting access rights to other users’ mailboxes can prevent the spread of malware and the leakage of data through emails. In addition, being aware of unusual email activity prevents targeted spam or social engineering tactics common among today’s cybersecurity threats.
3.Is the Remote User Really YOUR Remote User? Detecting Compromised Accounts
Now that workers are scattered over hill and dale, IT needs to track to make sure all these remote logins are legit. The answer is to monitor suspicious O365 sign-in activities. Knowing how many suspicious sign-in attempts are happening, where they are coming from, and what they are targeting is a key security best practice – and especially critical during this crisis. Here are suspicious sign-ins you should track:
- Sign-Ins from Infected Devices
- Sign-Ins from IP Addresses with Suspicious Activity
- Sign-Ins from Multiple Geographies
- Impossible Travel Sign-Ins
Even better is to have reports to identify not only remote login attempts, but also to discover targeted accounts, MFA status, and the reasons the login failed.
4.Data Protection – Using OneDrive and SharePoint for Resilient Document Storage
Storing enterprise and documents on a personal hard drive is a disaster waiting to happen, pandemic or not. If you have Office 365, these files are far safer in the cloud. “Documents can be easily managed with OneDrive. Employees can keep working as usual, on their PC or laptop, but OneDrive will make sure all documents are also automatically and securely synchronized to the cloud,” explained digital solutions provider Amplexor in a blog. “This means that once authenticated via password, all their personal documents will be available from any location. So even those employees who do not have a company laptop, will still be able to work on their documents from a personal PC at home, or even a mobile device.”
5. Microsoft Teams – Maintaining Communications and Collaboration Continuity
For the last few years, Microsoft has WANTED enterprises to move from Skype to Teams. With the Coronavirus-driven rise in remote work, enterprises NEED to make this move. How else can they keep the company going during trying times? Having a solution such as Teams available is not the same thing as putting it to work, and fully realizing its value.
Even shops that have moved from Skype to Teams often just scratch the surface of what the Microsoft collaboration and communication solution can do. For remote workers to match their in-office productivity, they need to really stretch Teams’ legs. IT and your company’s management should know how much of Teams function is really being exploited, then have a way of increasing the adoption of Teams services. Once the adoption needs are defined, targeted training can kick in.
Experts find that 70% of what an end user learns through conventional approaches is forgotten in 24 hours. A better approach is Just in Time Learning (JITL) that teaches end users while they work. The secret sauce with JITL is that these videos are context sensitive, and play as the user is walking through the application.
6.Teams as Your COVID-19 Source of Truth
Microsoft Teams is an ideal way to provide remote workers with news on the pandemic and how it affects them. “How do I keep all my employees up-to-date on Corona-related and other internal news?” asked Amplexor. “Email is of course one option, but it offers a dispersed view on information at best. So organizations typically organize this news in an intranet, which can be easily set up within SharePoint or in an organization-wide Team. Not only does this consolidate all information in a single place, it also allows to integrate more structured interaction. For example, think about integrating an HR conversation channel in the intranet or Team, where HR can quickly reply to employee questions. Or, think about integrating a form for reporting potential risks which can then be handled by HR in a structured way.”
7.Smart and Secure Device Management for Continuous Operation
During this COVID-19 crisis, some are working from home, still just miles from the office. In other cases, workers leave the area, going to vacation homes, living with friends or relatives, fleeing the hardest hit zone. There is no telling what devices they use for work, and to connect to the corporate network. While a productivity boost, all these devices are a security nightmare.
IT should know exactly what these devices are for several reasons. Systems are only secure if they are patched and using up-to-date modern software, including operating systems. Windows XP does not rate as a high security platform! What is the OS, what is the patch status? Is the device safe?
Mobile devices have the same concerns. What kind of OS is running? Is it up to date?
Keeping software patches and anti-virus tools up to date requires that IT knows, and can validate the configuration of workstations, laptops and mobile devices, and what software is installed. More to the point, how do you know if the device is infected? Moreover, if it is, how do you know what that device did to potentially spread malware or other malicious software?
Learn More about Managing and Securing Remote Office 365 Users for Business Continuity
Learn more about optimizing and securing Office 365 remote workers with a CoreView demo.
Get your O365 user workload usage and security profile FREE with our new CoreDiscovery solution. You can get your free software now at the CoreDiscovery sign up page: https://www.coreview.com/core-discovery-sign-up/
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.