Microsoft Hacked- Are we safe?

Posted in: Microsoft 25/03/22

In a week where Azure services were particularly targeted by Mal-Actors and Microsoft admitted that the source code for its search engine Bing had been compromised in a breach, its important to reflect on why Cloud Services remain the best option for securing your organizations mail and data.
An Enviable Position
Microsoft services get a big let off when it comes to third party security audits across the board. Even the Financial Conduct Authority, who were incredible woolly about the prospect on Financial Institutions putting data out to the cloud approved this in 2015 in their guidance. The basis for this is that Microsoft’s Cloud offering is based on “Enterprise Level” security. Within the Microsoft Compliance Centre your compliance manager will find all manner of pleasing reports covering everything from Privacy to IS027001.
However, it would be wrong to assume that sliding your infrastructure across to the cloud absolves you of all risk. The Cloud breaks down into 3 fundamental offerings
1. Infrastructure as a Service – replacing your server and Operating system
2. Platform as a Service – Replacing your operating system and base software
3. Software as a service – Hiring your applications by the month
In example 1. You remain responsible for security, administration etc.
In example 2 and 3 you still have a shared responsibility for the security of your data and need to understand this.
In hybrid mode the security elements are quite complicated and need specialist attention.

Is your data in SharePoint and Teams secure?
Yes it is. If you follow the recommended settings and use multi-factor authentication, almost certainly more safe than on most SME’s own infrastructure. Microsoft have really heaped on multiple layers of additional security features to boost confidence too such as tagging for critical data, Data Loss Prevention and Conditional Access. These are great features. However if you are not managing your Microsoft tenant then it is highly unlikely you are getting the best from these features.

Data security is a game played where you don’t know all the rules and you don’t have all the pieces. All you can do is stay vigilant and try to keep up with the changes evolving within the hacker groups. Certain technologies give you a leg up.
With the advent of Hacking as a Service and Ransomware as a Service on the Dark Web our jobs are not getting any easier!
For professional help with your move to the cloud or information security management please book a consultation.

Can we help?

Book a no obligation phone consultation with one of our management team to discuss your IT support requirements.


Related news


Windows 11 Fails to Make Headway.

Windows Computers make up 76% of the worlds computing technology compared to only 15.7% from the next biggest competitor OSX. Windows 11 has been on general release

Read more

IT Shortages are already here!

China imposed fresh restrictions to cities across the country a couple of weeks ago in an attempt to stop local Covid hotspots from spreading. Wuhan itself was

Read more
Start a conversation

Book a no obligation phone consultation with one of our management team to discuss your IT support requirements.