Office 365 account breach

We are seeing office 365 account hacks. What are the possible solutions?

Account hacks are happening from locations unknown and the biggest challenge being that the users are falling for false malacious urls!!
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
The most important thing is to educate your users so they can recognize what is a hack attempt and how to recognize a malicious URL. Make sure everyone is using strong passwords.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ramakrishnan SudhakarAuthor Commented:
Thanks Brian. We have been engaged in educating users and its been an ongoing process. To prevent occourences, is it possible for us to find a url filtering solution that can integrated with office 365?
Rob HensonFinance AnalystCommented:
A decent antivirus should check URL addresses before allowing the user to visit them and block them if found to be dangerous.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
Rob has it right. It isn't perfect, but using a good anti-virus/anti-malware as well a firewall with URL inspection and filtering ability should help.
William MillerIT SpecialistCommented:
You can always use a hardware filter as well, something like a Barracuda email filter:

https://www.barracuda.com/products/emailsecuritygateway

These can get pricey, however, and it all depends on the size of your organization. If you have more than 30 or so people, I would say going for a good external filtering solution isn't a bad idea.
Ramakrishnan SudhakarAuthor Commented:
Thanks William. Would it be useful even if we have a lot of users outside of the network too?  And what product will be the best and are there any similar products which could equivelent and less pricey.

Appreciete the timely response everyone .. !!  Appreciete it very much...!!
Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
If the users are outside your network, it would depend more on their personal firewalls and AV software. The other option is to require them to be connected to the office via VPN and route all their traffic that way, but that is another layer of complexity that you might not want to get into.
William MillerIT SpecialistCommented:
The hardware firewall would cover the physical location. This also means that if your outside users are connecting to a server for o365. That said, Barracuda is definitely one of the better systems available and why you see such higher price points. As to alternatives you might try:

https://www.cisco.com/c/en/us/products/security/email-security/index.html#~stickynav=2

https://www.spamtitan.com/

These are also good filters (from what I've heard as I have no personal experience with either the Cisco solution or Spamtitan).
epohlCommented:
This is a common problem that everyone is now facing. If you really want to limit these breaches you should look into deploying Multi Factor Authentication which is actually Free with Office 365. It is going to be painful at first for users but is a better long term solution.

https://support.office.com/en-us/article/Set-up-multi-factor-authentication-for-Office-365-users-8f0454b2-f51a-4d9c-bcde-2c48e41621c6
epohlCommented:
You could also look at Office 365 ATP (requires additional license) that has safe links and will check links users click on.

https://products.office.com/en-us/exchange/online-email-threat-protection
David Johnson, CD, MVPOwnerCommented:
Q: are the accounts themselves being hacked
OR
are you getting spoofed emails?
OR
phishing emails?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Office

From novice to tech pro — start learning today.