Diving Deeper: 4 Best Practices for Securing Enterprise Data in Office 365 (O365)

By Matt Hines, VP of Marketing at CipherCloud & Ishani Sircar, Product Marketing Manager at CipherCloud

So, here we are, both as workers and employers. The COVID-19 environment hasn’t really changed much from a workforce perspective over the last six months, other than the fact that more of us are working remotely, with no real end in sight.

As researchers have highlighted in recent studies, even when the world returns to “normal” many of us will remain outside the traditional office setting. In support of all of this, and the general appetite for more flexible, accessible cloud-based collaboration tools, the growth of these platforms, most notably Microsoft O365, has taken off. By some estimates, the use of the Teams application alone has increased to a whopping 75 million active users per day.

It’s no surprise then that related security concerns are also rising to the fore. Organizations must not only manage primary issues such as enforcing proper access to these cloud collaboration apps, but the data security challenges involved are also really and truly complex. Consider that as users attempt to carry out their work using O365 and Teams, in particular, security operations staff have to cover off on related workflows including data classification, privileged user monitoring, and even removal of third parties from channels that involve the sharing of sensitive data.

These are commonly approached as discrete and difficult actions in the on-premise world. Now we have moved them to the cloud. From a security tooling standpoint, as users embrace a nearly limitless variety of O365 data use cases – internally, and with external partners and customers – traditional email gateways and Data Loss Prevention (DLP) tools lack sufficient control over the cloud collaboration environment.

Security challenges on O365 are compounded further by the increased presence of unmanaged devices, siloed security solutions, inflexible data protection integrations, and limited data security controls resident in cloud collaboration tools themselves. Those native O365 data security solutions involve multiple consoles, additional integration obstacles and tools, and relatively high costs.

It’s no wonder that we hear practitioners asking the market for more of a “single pane of glass” that delivers some combination of data classification and protection, access controls, and device management without forcing them to jump through so many hoops or commit as much of their budget.

CASBs have the capabilities to address O365 and Teams security in an efficient manner. CASB solutions are able to address specific use cases including:

1. Controlling Unmanaged devices: Enabling users to access O365 from any device while ensuring that the right controls are in place. Today’s CASBs offers adaptive controls that enable practitioners to disable the storage of sensitive data like PCI/HIPAA and configure policies based on business requirements.

1. Securing email and Teams collaboration: Protecting specific data sets across O365 Email and Teams collaboration models. A CASB can help detect when users attempt to share sensitive information (SSNs, card data, PHI data, etc.) on email, Teams chats or channels with an unauthorized or external user; policies can be tailored to mask or delete that information.

1. Privileged user monitoring: Protecting against improper data handling. A CASB can help detect anomalous user behavior such as logging from an unusual location and downloading an unusual amount of data. Administrators can move quickly to remove access and even wipe involved data.

1. Data classification: Securing sensitive files with multi-level policy enforcement. Using today’s CASBs, O365 and Teams collaboration can be secured by controlling how/where/when sensitive data is shared, specifically through the use of integrated DLP and centralized policies.