Comprehensive M365 Security Audit
Our M365 Security Audit checks admin accounts, users, mailboxes, and rules on your M365 tenant for vulnerabilities allowing you to identify issues before they become a major problem. The audit analyses mailboxes for mailbox permissions, forwarding settings, passwords, MFA, elevated admin rights and much more.
Mailboxes are gateways into your network, often containing sensitive information. Inactive mailboxes represent wasted resources and are potential breach points that go unmonitored. Therefore, it’s important to utilise every possible resource to protect your business. Default mailbox auditing in 365 can be minimal, but using the advanced mailbox auditing capability can help administrators investigate suspicious activity. The Mailbox Information Report included in your Security Audit will highlight mailboxes on your tenant that need advanced auditing enabled.
Inbox Rules Vulnerability
Inbox rules that are configured to forward, delete, or move messages are often used by cybercriminals to avoid detection or suspicion. Without an auditing tool, administrators and users might never be able to identify potential threats. The Inbox Rules Report included in your Security Audit will show all inbox rules for all mailboxes in your M365 tenant. The description column describes the function of the rules and provides a quick way to confirm the rules intended purpose so you can investigate and take action.
Forwarding Mailboxes Vulnerability
In addition to hackers forwarding mail to hide their true purpose from administrators, users often forward business email to personal accounts for convenience without knowing the risk they are adding to your business. The Forwarding Mailboxes Report included in your Security Audit will show all mailboxes on your M365 tenant that have forwarding enabled so you can investigate risky behavior or suspicious data points.
Transport Rules Vulnerability
Transport Rules are often used to control tenant wide settings in 365. Spammers that gain access to admin credentials frequently create transport rules that allow phishing emails to reach end users. In a similar fashion, spammers also leverage transport rules to copy confidential data to unauthorized destinations. If you find malicious transport rules on your tenant, it is safe to assume administrator credentials have been compromised. The Transport Rules Report included in your Security Audit will show all transport rules on your 365 tenant, which helps you to take remedial action.
Connectors are frequently used in 365 to allow on-prem resources such as your printer/scanner to send email. Spammers leverage connectors on reputable 365 tenants to send out blasts of phishing emails. Microsoft strictly monitors outbound traffic in 365, so a malicious connector can easily result in your entire 365 tenant being blocked. The Inbound and Outbound Connectors Report included in your Security Audit will help identify malicious connectors on your tenant, along with potentially compromised admin credentials.
Security audits should not be a one-time thing. Our Security Audit tool can monitor your environment as events unfold, and in some cases, instantly remediates vulnerabilities. This allows your IT team to effectively repurpose their time knowing that security is addressed. Our longstanding relationship with Microsoft gives us unique insights into announcements and product changes.
Talk to us now about an initial audit and ongoing protection.