Office365 Security Monitoring: It’s Good to Share, or is it?

Category: Uncategorised

It’s Good to Share, or is it?

Would you like everyone to be reading your emails without you knowing?

I’m pretty sure I know your answer, but this is exactly what could be happening, at least to some of your emails.

Has there ever been a time when one of your staff needed access to some information – a certain email folder? Maybe they were working on some financial reports for you or collating some job respondents. It makes short work if you share the email folder with them and it’s easy to do, so why wouldn’t you?

It may even be a common practice, after all many hands make light work.

BUT, did you remember to turn off their permission or do they still have access to that email folder?

Do you know?

Do you know what other information you may have added to that folder since they’ve had access that they just shouldn’t have seen?

Are you unsure if this has been done or if someone else has done it on your behalf?

Well, it’s only my team so it doesn’t matter that much

It’s a misconception that if only internal staff are seeing data there’s no threat.

Should everyone in your business have access to all information?

Is this showing compliance with data protection laws?

Furthermore, do not forget that internal cybercrime is a threat.

Have you ever had a member of staff leave? Would you have liked them to have had access to your personal emails/business information that they could take to a competitor?

And it’s not just internal threats either

If a cybercriminal gets into your system, one of the first things they want to do is hide.

They will want access to the top information though, so what we’ve seen is they go to your important mailboxes and share key folders with a much lower-level account that isn’t going to flag up warnings. Then they don’t need your account access anymore as they will see every email sent and received in those folders, without you knowing anything about it.

But I bet your account is really locked down isn’t it?

I know you take security seriously. Accessing your account is like Fort Knox, isn’t it?

But have you ever shared a mailbox folder with another member of staff who doesn’t have such robust security on their account? I mean theirs aren’t so important, so it’s not needed, is it?

True, but because of this, they are also easier to get into. So, if a cybercriminal manages to get into one of your lower-level accounts, guess what? Yes, if you’ve shared an email folder with this staff member, the cybercriminal now has access to everything in there too. I know scary stuff!

Is this really going to happen?

I know you may think some of this is surely not going to happen, but we’ve seen it all.

Think about a child. You always have to think ahead when they’re learning to crawl, walk, play: I’m sure you’ve seen some things they’ve got up to that you never thought would happen. You literally must plan for every eventuality, the best you can.

It’s pretty much the same with cybercriminals. They will find the most obscure, yet efficient route to gain access and so you need to make sure all entry points are blocked.

How can I find out if I’ve shared a folder?

That’s the pain of it.

Easy to share, but not so easy to remember to stop the share or to see who you have shared with.

You can do it, but you must remember to do all of the steps and check regularly. On top of running your day-to-day business, how troublesome is this?

There IS a better, quicker way!

We can produce a weekly/monthly report that clearly shows what, if any, folders are being shared with your staff.

If there are any shares that shouldn’t be there, you can simply get them turned off.

You may even discover something you didn’t know.

You don’t know what you don’t know. Knowledge is power as they say.

Get in touch with me now for a FREE report on your Microsoft 365 to make sure you aren’t leaving anything to chance.

See Our Recent Blog Posts