Want to know more about CyberHive Trusted Cloud?

Book a Demo

Why 2FA is an inadequate response to securing Office 365

IT decision makers at financial institutions were quick to see the advantages of moving to cloud-based platforms; the ability to provide unique types of services, to become agile and to lower operational costs. The propensity toward early adoption of new technology in this vertical is also true of SaaS, with Office 365 now being widely used for B2B communication and collaboration. Microsoft’s focus on making its cloud services meet FISC & GDPR requirements makes O365 a natural choice for a highly regulated industry that habitually deals with extremely sensitive data.

According to the 2019 IBM X-Force Threat Intelligence Index, the finance and insurance sector has been the most-attacked industry for three years in a row. A report by the Boston Consulting Group found that financial services firms are 300 times more likely to be targeted. Threat actors focus on these organisations for their bounty of personally identifiable information (PII), credit card numbers, and other banking information that can be lifted and sold on. Billions are spent every year on cyber-crime and online fraud prevention by financial services firms. But like moths to a flame, the draw of highly lucrative data remains irresistible.

Your cyber defences improve, their attack strategies evolve…

The threat level posed by phishing has increased in recent years as social engineering tactics have become more and more sophisticated. Worryingly, IBM found that in 27% of phishing incidents Office 365 users were targeted. The advantages offered by O365, namely it’s flexibility to work from any location and device is also a disadvantage when you consider security. A single compromised password can result in a major data breach, causing severe damage to an organisation’s bottom line and reputation. An ICO fine under the GDPR is also increasingly likely.

Phishing attack

An Inadequate Response: Two-factor authentication

Many financial organisations have already deployed 2FA to bolster access management security for employees and customers. However, humans make errors:

  • A mistake by a system administrator when setting up 2FA for O365.
  • An end user choosing a weak or leaked password. Employees are notoriously bad at adhering to corporate password policy unless it is rigorously enforced.
  • An unsuspecting end user clicking a link in a phishing email and revealing their login.

Additionally, mobile phones can get lost, cloned, or compromised by increasingly sophisticated malware. Even text-messages can be easily redirected. According to a report by Kensington, a laptop is stolen every 53 seconds and over 70 million mobile phones are lost annually. If you are currently using a 3rd party 2FA provider, how confident are you in their security stance? What happens if their system administrators make a mistake, opening your accounts to attack? In November of 2018, a Vovox database was breached exposing more than 25 million text messages, some of which contained 2FA codes.

In today’s perpetually evolving threat landscape, strengthening O365 user authentication with 2FA simply isn’t enough. The possibility of a single point of failure from human error can never be eradicated… or can it?

The Solution: Gatekeeper for Office 365

Recognising the weaknesses of traditional access management systems, a central government department approached CyberHive to design & deploy a truly secure implementation of O365. Our development team relished the challenge and worked tirelessly on the solution; one that combines ease of use with unparalleled security. Gatekeeper works by introducing a privileged access management service to act as a bridge between the end user and O365. This allows us to introduce three diverse security measures which can be administered independently.

  • Device authentication
  • User authentication (also using multi-factor authentication)
  • Trust verification (cloud infrastructure protected by ‘Trusted Cloud’ technology)

This eradicates the possibility of a single point of failure from human error.

Gatekeeper for Office 365 network diagram

Devices are validated by the Gatekeeper service before a user can connect to Gatekeeper. Independently, users are then authenticated using a USB/NFC security key, biometrics, or another multi-factor authentication (MFA) method. Furthermore, the whole cloud service is protected from threat actors by CyberHive’s patented ‘Trusted Cloud’. This cyber defence technology employs a cutting-edge patented approach – distributed hardware-backed whitelisting. Insider threats, external hacking attempts or any other unauthorised server activity is detected and located in seconds!

Key features

Protects against human error
Gatekeeper’s multiple, independent security features ensure that no single configuration failure can cause a security breach. Access to the service and user account set-up can be administered separately which eliminates any single human error as a possible root cause of a security incident. Furthermore, lost credentials, a stolen device and phishing cannot result in a data breach.

World class security
Authenticated users can only access O365 using a specific device (with a valid VPN certificate). We also prevent access to O365 from the open internet (enforced via IP restrictions) and as an added security feature we maintain secure log files of all access events and file moves.

Simple to use, highly flexible
Experience the flexibility of working outside the office, knowing that O365 security can never be compromised. Users find Gatekeeper authentication very quick and easy to use. They also like the ability to work remotely on the device of their choice (Windows, Mac, iOS or Android) since we secure all O365 features including; Sharepoint, Outlook and Teams. Administrators comment on how easy it is to add / remove new devices and users. They also like the seamless integration with Active Directory and existing 2FA / MFA authentication systems.

Utilise best of breed technologies to secure your data

When calculating the cost of a data breach, highly regulated industries top the list with financial organisations coming a close second behind healthcare. Last year the average total cost of a data breach for the finance sector stood at $5.86 million with a cost per record of $210 (Ponemon Institute). Gatekeeper for O365 can be rolled out across a whole organisation at a fraction of the cost of one compromised account. For finance and insurance businesses investment in securing their data is becoming ever more important. Unfortunately, no one cyber security technology can provide a ‘one stop shop’. Choosing a combination of best of breed technologies would seem the logical approach as we prepare to tackle the Knowns and Unknowns of securing data in 2020 and beyond.

For more information contact CyberHive or download our Product Datasheet.

+44(0) 1635 881 880 | [email protected]

Categories

Other Insight Articles

  • Supporting UK businesses during the COVID-19 pandemic

    Almost every day we hear about new ways cyber criminals are exploiting the COVID-19 crisis. Phishing scams, social engineering tactics, fraudulent websites and ransomware are constantly evolving an...

    Find out more
  • Trusted VPN: Helping law firms to elevate their cyber security stance

    Given how much valuable and commercially sensitive information they hold, law firms are prime targets for cyber criminals. DLA Piper was hit by the highly destructive NotPetya malware in 2017, this...

    Find out more
  • Trusted Cloud: Helping your organisation maintain GDPR compliancy by securing your data

    It is now 21 months since the GDPR came into force. For the period 25/05/18 to 27/01/20, authorities within the EEA were notified of 160,921 personal data breaches. DLA Piper’s research also reveal...

    Find out more
logo

VPNs are a crucial part of your defences, but they're vulnerable to #CyberAttacks. Upgrade to CyberHive Trusted VPN https://cyberhive.com/vpn/ Our Trusted Cloud tech verifies a secure audit trail of all VPN config & code. This guarantees that your #VPN software hasn't been #hacked.

Contact Us

Please fill in the details below to get a 2 week demo of
CyberHive's cloud platform technology