Microsoft Office 365 – Cloud comfort or free hacker invitation?
There is no doubt that modern cloud-based apps can deliver a range of advantages, including access, cloud backup, and automatic updates, at any time and anywhere. It is also extremely convenient to have all the latest security patches applied to the software without the need for time-consuming personal intervention. Nonetheless, many consumers remain mindful about accessing data in the cloud and much more resistant to anywhere but on your computer hard drive or local backup system to store sensitive information. That is the question? Is this skepticism based on fact, or on this well established human characteristic – resistance to change? In other words, is a cloud application more convenient than potentially threatening security like hacking, and how susceptible are SaaS (Software as a Service) cloud applications to attack first? Take into account Microsoft Office 365, one of the most widely used software packages on the planet with more than 27 million consumer users and over 100 million business users.
Office 365 Safeguard users from attack?
Following a positive BETA launch in 2010, MS Office 365 was launched in June 2011. It provides an integrated suite of cloud-based applications and services such as Word , Excel , PowerPoint, cloud-enabled email, Skype and many other communications devices.
According to most recent Cyber Risk Perception Survey, 48% of malicious email attachments are Office files, up from 5 % in 2017. The tremendous rise is of course troubling as hackers conceal malware as office files attached to emails to trick you into clicking on them.
Nonetheless, this is not a reflection on the security of the software itself, but more so because the app is so common, hackers use this attack vector. Yes, nearly a billion dollars Microsoft has spent a lot money to make Office 365 secured – and that is not a small thing.
Working from anywhere is a good thing or bad thing?
This poses a specific security issue that needs to be fully understood that data can be accessed from anywhere remotely. Although Office 365 might become an unauthorized access option, the most important question is how can hackers obtain the information (like identity/credentials) that they need first?
Almost without exception, this can in one way or another be traced back to human error. A user clicks on email links that they don’t know to be secure or opens a Word document that they should remove. These mistakes open the door for hackers to infect computers and access your personal information, whether or not you use cloud apps.
Thus, if it is primarily a user error that causes problems, it is obvious that users should be properly trained in good security practices and be accountable for knowing the implications as individual customers.
What are the best Practices to protect you/computer from hacker?
Nothing but there are few best practices and be followed to protect you from attacker:
Update your systems and software with latest security updates and bug fixes. Talk to your software/service provider to check updates bulletin.
Weak Passwords – do use good passwords and passwords for various apps if you are hacked, so you don’t lose it all.
Malicious documents open – but don’t. When a record is not remembered and seems suspicious, delete it.
- Block Suspicious Websites – some smart and exciting websites can be fun, but the risk should be understood and left away.
- Shared Computers – there could be a little bit of risk when a user uses own credentials into a shared computer like KIOSK or Cyber Café. Best if you avoid using your credentials into a shared system and use a dedicated computer for yourself.
- And lastly, don’t forget to setup the backup of your applications and data. Backup helps a lot in case of any incident where restore required. A good backup strategy helps organizations to protect their asset and recover faster in case of any issue.
<<<<<<Previously blogged about Microsoft Secure Score>>>>>>