We help IT Professionals succeed at work.

Office 365 account breach

We are seeing office 365 account hacks. What are the possible solutions?

Account hacks are happening from locations unknown and the biggest challenge being that the users are falling for false malacious urls!!
Comment
Watch Question

EE Topic Advisor, Independant Technology Professional
Commented:
The most important thing is to educate your users so they can recognize what is a hack attempt and how to recognize a malicious URL. Make sure everyone is using strong passwords.
Thanks Brian. We have been engaged in educating users and its been an ongoing process. To prevent occourences, is it possible for us to find a url filtering solution that can integrated with office 365?
Rob HensonFinance Analyst
Commented:
A decent antivirus should check URL addresses before allowing the user to visit them and block them if found to be dangerous.
Brian BEE Topic Advisor, Independant Technology Professional
Commented:
Rob has it right. It isn't perfect, but using a good anti-virus/anti-malware as well a firewall with URL inspection and filtering ability should help.
Commented:
You can always use a hardware filter as well, something like a Barracuda email filter:

https://www.barracuda.com/products/emailsecuritygateway

These can get pricey, however, and it all depends on the size of your organization. If you have more than 30 or so people, I would say going for a good external filtering solution isn't a bad idea.
Thanks William. Would it be useful even if we have a lot of users outside of the network too?  And what product will be the best and are there any similar products which could equivelent and less pricey.

Appreciete the timely response everyone .. !!  Appreciete it very much...!!
Brian BEE Topic Advisor, Independant Technology Professional
Commented:
If the users are outside your network, it would depend more on their personal firewalls and AV software. The other option is to require them to be connected to the office via VPN and route all their traffic that way, but that is another layer of complexity that you might not want to get into.
Commented:
The hardware firewall would cover the physical location. This also means that if your outside users are connecting to a server for o365. That said, Barracuda is definitely one of the better systems available and why you see such higher price points. As to alternatives you might try:

https://www.cisco.com/c/en/us/products/security/email-security/index.html#~stickynav=2

https://www.spamtitan.com/

These are also good filters (from what I've heard as I have no personal experience with either the Cisco solution or Spamtitan).
Commented:
This is a common problem that everyone is now facing. If you really want to limit these breaches you should look into deploying Multi Factor Authentication which is actually Free with Office 365. It is going to be painful at first for users but is a better long term solution.

https://support.office.com/en-us/article/Set-up-multi-factor-authentication-for-Office-365-users-8f0454b2-f51a-4d9c-bcde-2c48e41621c6
Commented:
You could also look at Office 365 ATP (requires additional license) that has safe links and will check links users click on.

https://products.office.com/en-us/exchange/online-email-threat-protection
David Johnson, CDSimple Geek from the '70s
Distinguished Expert 2019

Commented:
Q: are the accounts themselves being hacked
OR
are you getting spoofed emails?
OR
phishing emails?