دانلود کتاب Best Practices Guide for Securing Access to Office 365

Office 365 has become the most widely used cloud service in the world — which makes it a prime attack
vector. According to the 2017 Microsoft Security Intelligence Report, Microsoft cloud user accounts saw a 300% increase in cyberattacks over the past year. The report found the majority of these compromises were the result of weak, guessable passwords and poor password management, followed by targeted phishing attacks and breaches of third-party services. Also, on the rise are account sign-ins attempted from malicious IP address – up 44% in 2017.

Many applications and Microsoft Outlook clients use the WS-Trust protocol, including the mail apps that come with iPhones and Macs. The problem with this legacy protocol is that it doesn't allow two-factor authentication (2FA) and only supports password-based authentication. With the amount of sensitive information flowing through your Office 365 instance, password only protection is simply inadequate.

Since attackers are continually finding new ways to defeat authentication challenges, including those based on 2FA, organizations must constantly adapt to defend themselves.