Office 365 account breach

We are seeing office 365 account hacks. What are the possible solutions?

Account hacks are happening from locations unknown and the biggest challenge being that the users are falling for false malacious urls!!
Ramakrishnan SudhakarAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
The most important thing is to educate your users so they can recognize what is a hack attempt and how to recognize a malicious URL. Make sure everyone is using strong passwords.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ramakrishnan SudhakarAuthor Commented:
Thanks Brian. We have been engaged in educating users and its been an ongoing process. To prevent occourences, is it possible for us to find a url filtering solution that can integrated with office 365?
0
Rob HensonFinance AnalystCommented:
A decent antivirus should check URL addresses before allowing the user to visit them and block them if found to be dangerous.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
Rob has it right. It isn't perfect, but using a good anti-virus/anti-malware as well a firewall with URL inspection and filtering ability should help.
0
William MillerInventory/IT ConsultantCommented:
You can always use a hardware filter as well, something like a Barracuda email filter:

https://www.barracuda.com/products/emailsecuritygateway

These can get pricey, however, and it all depends on the size of your organization. If you have more than 30 or so people, I would say going for a good external filtering solution isn't a bad idea.
0
Ramakrishnan SudhakarAuthor Commented:
Thanks William. Would it be useful even if we have a lot of users outside of the network too?  And what product will be the best and are there any similar products which could equivelent and less pricey.

Appreciete the timely response everyone .. !!  Appreciete it very much...!!
0
Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
If the users are outside your network, it would depend more on their personal firewalls and AV software. The other option is to require them to be connected to the office via VPN and route all their traffic that way, but that is another layer of complexity that you might not want to get into.
0
William MillerInventory/IT ConsultantCommented:
The hardware firewall would cover the physical location. This also means that if your outside users are connecting to a server for o365. That said, Barracuda is definitely one of the better systems available and why you see such higher price points. As to alternatives you might try:

https://www.cisco.com/c/en/us/products/security/email-security/index.html#~stickynav=2

https://www.spamtitan.com/

These are also good filters (from what I've heard as I have no personal experience with either the Cisco solution or Spamtitan).
0
epohlCommented:
This is a common problem that everyone is now facing. If you really want to limit these breaches you should look into deploying Multi Factor Authentication which is actually Free with Office 365. It is going to be painful at first for users but is a better long term solution.

https://support.office.com/en-us/article/Set-up-multi-factor-authentication-for-Office-365-users-8f0454b2-f51a-4d9c-bcde-2c48e41621c6
0
epohlCommented:
You could also look at Office 365 ATP (requires additional license) that has safe links and will check links users click on.

https://products.office.com/en-us/exchange/online-email-threat-protection
0
David Johnson, CD, MVPOwnerCommented:
Q: are the accounts themselves being hacked
OR
are you getting spoofed emails?
OR
phishing emails?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Office

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.