08 Jul Providing Your Clients With Improved Microsoft Cloud Security
The Big Security Issues in Microsoft 365 Cloud Hidden From Most MSPs
Do the end users at your client sites use Teams to interact virtually? What about SharePoint to collaborate on documents? Maybe OneDrive to store business and personal files? Or Outlook’s web version to email?
If they do, their data and proprietary information may be at more risk than you think. And on top of that, they might be wasting money and slowing things down.
Your clients may be oblivious to the cybersecurity risks and productivity problems that they create when they use Microsoft 365’s cloud services and applications. That’s why it’s up to you as the MSP to run regular assessments of the Microsoft Cloud environment for all your clients with Microsoft 365 (formerly Office 365).
Microsoft takes the security of their platform very seriously and has received high marks from the experts on the effectiveness of their service-level security. But that doesn’t protect your clients from their own people, who are probably performing high-risk actions within these applications on a regular basis, whether that behavior is accidental or malicious. Their account credentials can also be acquired via phishing scams and used by third parties to gain access to corporate data stored in the Microsoft Cloud.
Let’s take a look at the most common threats Microsoft Office 365 users face:
- Compromised accounts – such as an unauthorized third party logging in to a corporate account using stolen credentials
- Insider threats – such as a user downloading sensitive data from SharePoint Online and taking it when they join a competitor
- Privileged user threats – such as an administrator providing excessive permissions to a user relative to their role
If you ask your clients and prospects if they know what business data their employees may have put up for grabs in the Cloud, the answer will likely be, “no idea.” If they think they do, they’re probably wrong.
Once you set up an employee with Microsoft 365, they are given 1 terabyte of company storage space to do with what they want. They can create their own groups and teams and provide access to outsiders. It takes seconds to upload, share and store documents, business plans, financial reports and other sensitive business information.
In fact, after analyzing the usage of over 20,000 cloud services, McAfee found that 58.4 percent of sensitive data in the cloud is stored in Microsoft Office documents.
That’s why it’s so important to run regular Microsoft Cloud assessments for every client that uses Microsoft 365 and/or Azure. Until recently, that would have been a time-consuming and laborious process. You would need to log in to each Microsoft Cloud environment separately and use the Microsoft admin tools to click through various directories to display disparate screens of data without seeing the big picture or ramifications of what you’re even looking at.
But RapidFire Tools offers a quick, easy and affordable way to pull all this essential data out of the cloud in about 10 seconds per user, and then automatically generate a wide array of well-organized and pre-analyzed reports. This one tool will help you gain critical visibility into what your clients are doing in the Microsoft Cloud and help you build your own Microsoft 365 managed security service.
Even if you charge your clients an incremental $1 or $2 per user for this service, you will make a handsome profit and deliver a significantly improved security profile – one you can measure and validate through reports.
To learn more about this unique offering, ask for a demo.
In our next installment in this series, we’ll talk about time and money lost in an unmanaged Microsoft Cloud.