If your in Office 365, Hybrid environment, 10’000 users, is there a way to block access to Exchange Online email/other services from other countries?
We are seeing an large increase in compromised accounts so once the malicious party has the credentials, they log into OWA and send out hundreds of malicious emails, which don’t get scanned as they are considered internal to exchange online. From what I’ve been told.
I know the answer is turn on MFA, which I plan on doing in the near future, but I’m curious as to what other steps can be taken to block or stop these issues almost on a daily basis.
I know I can set cloud app security policies to alert and suspend a user and require the user to log on again, but since were hybrid, with AD on prem, I feel like those features don’t work.
Looking for ideas to better secure external access to online services.