Why you need to protect your organisation’s M365 credentials

We have had to deal with several incidents of Business Email Compromise (BEC), where for one reason or another someone has had their Microsoft credentials compromised and a threat actor has got inside their email. It is a serious problem because threat actors make a lot of money from it.

[Guest Diary] Business Email Compromise – SANS Internet Storm Center

Your Takeaway

Tomorrow I am going to be implementing multi-factor authentication for a client, which is one of the easy steps you can make to help secure against BEC. Yes there are organisations that still do not use MFA for everything!

Other things to do are, set-up your M365 enviroment correctly and make sure your team understands how credential security and management matters.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading