If your organisation is using Microsoft 365, don’t just assume you’re safe!! Misconfigurations remain one of the top causes of breaches. Nearly 23% of cloud security incidents stem from configuration mistakes, and most of them are human error too....Get Auditing ✍ 🔍 Things to double-check: - Default and Conditional Access settings (tenants created before 2019 are at higher risk) - IAM permissions - overly broad roles, missing MFA, guest/external access - External sharing in OneDrive, SharePoint, Teams - Logging, monitoring, and alerting configurations 💥 In 2024, misconfigurations in Microsoft 365 email settings contributed to 43% of 180 reported email related breaches, exposing sensitive data in critical industries - Don’t wait for an incident to check your settings #CyberSecurity #M365 #CloudSecurity #IdentityAndAccessManagement #ConditionalAccess
Caught up with Holly Ellwood this week to discuss mis-configuration and it's role in vulnerability management. Holly gave me a great example relating to Microsoft 365 and how mis-configuration can leave holes for exploitation. Just to prove the point on how easy it is to make a mistake I've left in a little one of my own... #CyberSecurity #CelerityTeam #SecurityMadeSimple
