Managed Detection and Response (MDR) for Microsoft 365
The UK is the biggest target for phishing attacks in Europe. 96% of organisations in the UK were targeted by phishing last year. Spain was the second worst affected (94%), while France and Italy were among the least affected, at 85% and 79%, respectively. (Proofpoint)
Cloud10’s MDR for Microsoft 365 secures your users, applications and data by combining powerful monitoring software and automation with experienced an experienced security team working 24/7/365 in a Security Operations Centre (SOC).
MDR continuously monitors and protects key services your business uses, including:
- Email, Calendars & Contacts – personal information and attachments
- Teams – chat, share, and collaboration
- OneDrive – individual and shared user files
- SharePoint – company-wide shared files
- Azure – data held in Microsoft Azure
Why do we need MDR for M365?
Your business relies on services based in the Cloud and traditional security solutions are no longer enough. Employees, regardless of their position, can easily fall victim to convincingly forged emails, websites, or messages that come across as legitimate communications.
If an account gets hacked, the emails from that account won’t be stopped by spam filters and join regular email conversations, mimicking the writing style of the compromised user’s email. This could trick other employees into unknowingly causing financial and reputational harm to your company.
24/7/365 monitoring with MDR for Microsoft 365 will protect your business from incoming and ongoing cyber attacks which otherwise lead to:
- Financial fraud and losses through email chain tampering
- Data loss via external email forwarding
- Unauthorised sending of emails inside and outside your organisation
- Downtime caused by malicious activity and for incident investigation and remediation
What does MDR for Microsoft 365 actually do?
MDR for Microsoft 365 from Cloud10 protects your Microsoft 365 cloud services by stopping cyber attacks.
24/7/365 monitoring from automated security detectors
MDR for Microsoft 365 uses advanced detection technology to examine data logs from Microsoft. It identifies possible harmful events and recognises risky behaviours by users such as:
- Access from new devices/locations
- Email manipulation
- Privilege escalation
- Suspicious email rule creation
3 key threats that Cloud10’s MDR for Microsoft 365 continuously monitors for…
Suspicious Login Identification
MDR systems and the 24/7/365 security team monitor accounts to check if they're being accessed from different/unusual places using unrecognised devices and browsers.
Suspicious Mail Forwarding or Rule Configuration
Hackers exploit compromised email accounts for a number of reasons, such as making rules to send emails outside the organisations and hiding the ones coming in to pretend they're the account owner.
Privilege Escalation
Hackers may modify permissions of compromised accounts or others in the email domain. MDR's 24/7 monitoring detects suspicious changes
What happens if a suspicious threat is identified?
Upon compromising an account, swift action is essential. The MDR 24/7/365 security teams employs Account Isolation to promptly disable access across all applications and devices. Remediation steps then enable the Cloud10 team to restore user access securely within minutes, not days or hours!
Chat with one of our friendly, experts about MDR for Microsoft 365