Microsoft Cloud Security
An eGuide by Shawn Pickett, ACTS Senior Solution Advisor
The cloud revolution is not without risks – serious security risks. Microsoft knows this as well as anyone and produces the annual Digital Defense Report, “The most common attack techniques used by nation-state actors in the past year are reconnaissance, credential harvesting, malware and virtual private network (VPN) exploits,” the report found. Moreover, hackers are getting smarter, more aggressive and more organized every year, with IT struggling to keep up. “We also see that human-operated ransomware gangs are performing massive, wide-ranging sweeps of the internet, searching for vulnerable entry points, as they ‘bank’ access – waiting for a time that is advantageous to their purpose,” Microsoft found.
In this guide, we will explore over two dozen Microsoft 365 and Azure security issues, but a handful of these rise to the top and should be part of any comprehensive Global Microsoft Cloud Security plan, which are:
- Least Privilege Security Model
- Data Leakage
- Identity – including Azure Active Directory (AD) and the threat posed by too many over-privileged Azure and M365 Global Administrators