The CIO Blog | CrucialLogics

Protect Yourself: Office 365's Extensive Auditing and Alerts

Written by Amol Joshi | May 9, 2019 6:04:13 PM

As we discussed in our previous blog, the whole world is moving to the cloud. In fact, it’s been estimated that 75%[1] of infrastructure will be under third-party control by 2020. It’s no wonder: when we shift the burden of infrastructure to an offsite third party, we not only free up time and space to focus on our business goals, but we also increase collaboration, decrease costs, and ensure we remain competitive in today’s marketplace.


That being said, the move to the cloud isn’t without its concerns. 73%[2] of enterprises have indicated that security is the number one factor holding them back from SaaS adoption. Migrating your organization’s information to the cloud is a bit like sending your first-born off to kindergarten. Though we know it’s the right thing to do, parents are plagued by the “what if’s”; the countless scenarios in which the proverbial baby could have her snack stolen on the way to the playground.

At CrucialLogics, the way we break the cycle of worry is by educating our clients on the immense store of security functionality in the Office 365 platform. Armed with the knowledge of how safe the Microsoft 365 environment is, and with the constant supervision of 365’s auditing and alert functionality, our clients find themselves breathing a sigh of relief. Let’s take a look at how it works.

What’s So Great About Auditing?

Office 365’s auditing functionality is founded on three principles:

1. Unity
2. Integration
3. Intelligence

The platform takes a holistic approach, monitoring the system extensively each and every day. Auditing is “on” by default for E3 and E5, and offered as an opt-in for all other Office 365 tenants. As the system goes about its daily work, it:

- Conducts 100,000 searches per day
- Tracks 4,000 distinct events
- Collects 1 billion events per day

The audit functionality consists of both insights and alerts under the umbrella of Security and Compliance Intelligence. Services including SharePoint, OneDrive, Azure AD, Security & Compliance Centre, Power BI, and Exchange Online all have access to applications such as Audit Searches, Reports, and Secure Dashboards. This means that aggregate data is collected and turned into insights that strengthen your ongoing security program, while more immediate threats are evaluated and brought to you as alerts.

Alerts: Office 365’s Promise of Communication

With such extensive security auditing running every day, Office 365 offers alerts that can be tailored to your organization’s specific needs. These alerts can be broken down into Basic Alerts, Intelligent Alerts, and First Party Alerts. Let’s take a look at some examples of each:

Basic
- Elevation of privilege
- User added new mailbox permission

Intelligent
- Unusual volume of file deletion
- Unusual volume of file sharing with sensitive data
- Unusual volume of file download with sensitive data
- Unusual volume of file deletion with sensitive data
- Malware campaign detected after delivery
- Malware campaign detected and blocked
- Logins in certain IP range in a time period increased by 2 times

First Party
- Incident based DLP policy match
- Mail filtering

Enhance Your Security with 365

Is your organization ready to transition your data to the next phase? Having successfully completed migrations with more than 1 million objects for clients across multiple industries, CrucialLogics is perfectly positioned to assist your organization in moving to the cloud, and remaining secure once you’re there. For more information on how CrucialLogics can transform your company’s security strategy, reach out to our team today.

[1] Cybersecurity Ventures, “2018 Cybersecurity Market Report”, https://cybersecurityventures.com/cybersecurity-market-report/

[2] Cloud Security Alliance, “Cloud Adoption Practices & Priorities Survey Report”, https://downloads.cloudsecurityalliance.org/initiatives/surveys/capp/Cloud_Adoption_Practices_Priorities_Survey_Final.pdf