April 21, 2020

Cloud Security for Financial Markets using Microsoft Teams

We explore the security considerations for financial institutions that hold large amounts of confidential and sensitive data. We also look at Microsoft Teams and how it can help collaboration in the office or remotely for such heavily regulated industries.

Introduction

Cybersecurity risks have always troubled financial institutions and capital markets when it comes to moving to the cloud. The emergence of cloud services paved the way for mobile breakthroughs and real-time data analysis. Payment card numbers, social security numbers, user passwords, business plans, financial records, and every other kind of sensitive information can rest in the cloud. A compromise of cloud security has grave implications for financial markets. Their concern for security and compliance regulations is understandable, as protected data must not travel beyond national borders. The greatest fears that plague financial markets today are online fraud, scams, privacy breaches, money laundering, and lending discrimination.

However, organizations that chose to migrate their services to the public cloud recently gained a massive competitive advantage over their rivals. Cloud-based collaboration platforms such as Microsoft Teams have empowered businesses by driving user engagement and productivity. In fact, continuous security improvement in the public cloud is inspiring more and more organizations to become a part of the shared platform. So, can financial organizations and capital markets also rely on the public cloud? Can the public cloud fulfill global compliance requirements for financial markets?

Cloud Security

Microsoft’s endeavor to provide an additional layer of security for organizations that need greater visibility and control over their cloud services is commendable. Let’s explore how Microsoft hardwires cloud security into its operational framework to manage risks for financial markets using Office365 and Microsoft Teams.

Service Level Security

Microsoft 365 has built-in service-level security that splits into physical, logical and data layers. At the physical level, Microsoft’s data centers are under high surveillance. Smart cards, biometric scanners, and two-factor authentication are the security checkpoints for service access. Similarly, at the network level, protocols and port numbers are restricted by firewall rules and tiered access control lists to prevent intrusion.

At the logical level, Microsoft 365 follows the software security assurance process during every stage of the Security Development Lifecycle (SDL). Automated operations on hosts and apps and Microsoft Lockbox reduce human intervention. Additionally, anti-malware software does not let malicious code corrupt the systems. Microsoft also sequesters an infected system to control the spread. It also applies regular system patches such as hotfixes and performs perimeter vulnerability scanning.

Microsoft also segregates co-tenant data using Active Directory for Microsoft 365. It is compliant with cryptographic standards such as SSL, TLS, AES, etc. to encrypt data in transit as well. It secures data at rest using BitLocker encryption. Updates to files ensure that the key is renewed, thus preventing breaches.

Email Threat Protection

Office 365 employs advanced threat protection for Exchange Online. Using machine learning (ML), email attachments are scanned and marked safe. This prevents malicious code from spreading across the tenant. Real-time protection of emails detects malicious URLs and blocks them, so users and data remain unharmed even if they click one accidentally. Furthermore, Microsoft scans trillions of signals across the web to detect malicious URLs and virus origination points.

Security Monitoring

Microsoft’s Operation Security Assurance (OSA) strictly adheres to regulatory standards such as ISO 27001, SSAE 16 SOC1 Type II and HIPAA. Microsoft’s operational security processes conform to the latest business requirements and standards. Office 365 governs applications through internal and external audits for continuous monitoring and identification of operational risks.

Rights Management Service

With Azure Rights Management Service (RMS), Microsoft ensures the safety of sensitive content that is shared. This restrains users from performing critical actions on data. Also, external partners cannot access the content if their Office 365 environment is incompatible. To freely collaborate with clients, partners must migrate to Azure RMS.

Data Loss Prevention

Data Loss Prevention (DLP) is yet another intelligent service that Office 365 offers to its customers. It can locate sensitive information hidden in messages or files. It then applies the policy tips you configured for what action needs to be taken. Most organizations use DLP to search for credit card numbers, insurance numbers and other identification numbers.

Secure MIME

Secure Multipurpose Internet Mail Extension (S/MIME) is used to send secure emails by encrypting the data. The message is encrypted and digitally signed, and the recipient decrypts it with a private key, so that it can’t be deciphered by anyone during transit or at rest. S/MIME offers authentication and integrity for electronic messaging, which is especially required in B2B, B2C and government use cases.

Transport Layer Security

Organizations use Transport Layer Security (TLS) to set up secure connections with partners. TLS is a cryptographic protocol that encrypts the connection between two hosts rather than the messages themselves. TLS uses a security certificate to ensure a secure channel of communication with a business partner who doesn’t use an Office 365 environment.

Federated Identities and Multi-factor Authentication

Microsoft integrates the Azure Active Directory platform with Active Directory Federation Services to extend advanced access control capability. A federation trust is established between on-premises Active Directory and the Office 365 suite. Users who have federated identities can access Office 365 cloud services using their Active Directory corporate login credentials.

Cloud services are accessed by multiple devices regardless of location or network. Hence multi-factor authentication is a must to create a protected layer of defense against intrusion. Multi-factor authentication requires two or more login credentials from independent categories to validate a user’s identity.

Assume Breach Approach

To prevent breaches, Microsoft keeps enhancing its built-in security features, including port scanning, network-level boundaries, DDoS prevention, etc. Advanced AI intelligently detects security breaches and sends alerts by monitoring internal security systems and customer actions. Access to confidential data is cut off instantly in case of a security breach, and the concerned parties are notified. Finally, to recover from the breach, the system automatically updates and audits the affected part of the system to discover system fragility and weaknesses.

Office 365 Compliance

Microsoft’s cloud services fully comply with industrial and government standards to safeguard customers’ data against illegitimate transfer or use. It has acquired accreditations, namely SAS 70/SSAE 16, ISO 27001, HIPAA, EU Safe Harbor, FISMA, and PCI DSS. Microsoft is also responsible for sharing the reports of the information security policy audits conducted annually by experts.

Secure Collaboration with Microsoft Teams

Microsoft Teams is a cloud-based multi-function collaboration platform that facilitates seamless and secure communications for financial institutions and other organizations, letting them transform their business operations while complying with regulations. Organizations that have adopted Microsoft Teams are experiencing a massive rise in user engagement and overall productivity in the virtual workspace. Here’s why you can trust Microsoft Teams:

Governance Controls

Managing integrated applications is a controlled process in Microsoft Teams. Hence, have collaboration spaces created by trusted content owners or stakeholders. Users need to justify the purpose of their groups. Maintain collaboration best practices for access and ownership. Control third-party integrations using administrators at the team level.

Policy Enforcement

Microsoft Teams allows automating properties and naming conventions when a user creates a group or team. This makes teams and the information they hold easier to discover and restrains inappropriate usage of words. Also, configuring group expiration policies saves a lot of time in information lifecycle management.

Secure User Identities

Compromised identities open the door to credential leakage, anonymous sign-ins or other suspicious activities. Microsoft Teams implements Azure Risks Policies to protect user identities, equipping organizations to remediate potential attacks.

Intelligent Security Graph

Intelligent Security Graph uses machine learning, AI and behavioral analytics to derive rich threat insights. It helps organizations to detect cyberattacks and speed up the remediation process. It also helps Microsoft to strengthen its products and services. To embed threat protection capabilities, Microsoft integrates the Office 365 Advanced Threat Protection (OATP), Microsoft Defender Advanced Threat Protection (MDATP), Windows Defender System Guard (WDSG), Microsoft Cloud App Security (MCAS), and Azure Advanced Threat Protection (AATP) security solutions in the Office 365 productivity suite.

Insider Risk Management

Once again, Microsoft leverages machine learning when it comes to spotting insider risks. Insider Risk Management helps mitigate accidental or intentional data leakages by employees. Employees who are leaving an organization are very likely to download or copy the company’s legal information, marketing content, product designs or employee private data for personal use or to show to future employers. The Insider Risk Management solution intelligently identifies exfiltration patterns, analyses potentially risky user behaviors and surfaces key activities for internal investigators to examine.

Security and Governance using TeamsHub by Cyclotron

Automate most of the security and governance controls in Microsoft Teams using TeamsHub by Cyclotron. Streamline administration and cloud security with Microsoft Teams for financial markets. For more information on security, please read the article on Security, Document Tracking and Sharing with AIP. For more articles on governance and best practices, please visit our blog.

Summary

Cloud security is one of the foremost concerns for financial markets. Consequently, adopting cloud and enabling a robust and secure framework for productivity and collaboration in the office or remotely can be achieved using Microsoft Teams. Furthermore, TeamsHub by Cyclotron can enable a lot of security features with little effort.

Suggested Reading

Office365 Advanced Threat Protection

April 13, 2020

Zoom vs Microsoft Teams – Security and Privacy in a COVID-19 world

Our POV on the Zoom v Microsoft Teams debate.

Introduction

In this article we take a look at the Zoom security flaws, some of Microsoft Teams’ strengths, and how we can keep video conferencing secure and private while enabling remote work in a post-COVID-19 world.

Virtual collaboration platforms such as Zoom and Microsoft Teams are phenomenal sources of unified communications. In the age of remote and mobile work, they enable continuous operability. Ever since the COVID-19 pandemic began, there has been an instant demand for everything to be virtual. Corporate clients, government entities, schools, and institutions have all chosen video conferencing and live streaming to continue operations.

However, when hundreds of millions of users are interacting through any platform, the security of data continues to be a concern. The news of the bombing of Zoom meetings, aka the Zoom bombing scandal, has been doing the rounds lately. Shockingly, it allowed hackers to infiltrate chat rooms with profane content. Moreover, anyone could easily access or see the content shared online through Zoom. This all adds up to show that Zoom is vulnerable to threats and data exposure as well.

As per the latest reports, Zoom’s services are now being discarded by many due to its serious security loopholes. Consequently, people are now in a fix, asking which platform is the right one to use. Is Teams the one to bank upon for all communications and safety-related issues? Though Zoom and Teams both serve well in creating a video-collaboration culture, there are security differences that set them apart. Before we read about Teams’ security practices, let us first demystify the underlying causes of Zoom’s vulnerability:

Zoom

Anyone can join a Zoom meeting using a shared link without downloading any software. It is Zoom’s most enchanting feature, and it triggered its whopping usage worldwide. In an effort to make its services easy for its customers, Zoom enabled a browser interface for one-touch meeting joins from standards-based video endpoints. This eventually caused the Zoom connector application to create unsecured URLs that lack authentication controls for logging in to the Zoom cloud.

Sadly, it leaves a lot of room for unauthorized users to easily control video endpoints from any browser without login credentials. They can manipulate cameras, make calls and invoke device settings without permission. Along with other security issues, Zoom has also been found to be using a weaker encryption algorithm to encode audio and video data. Needless to say, the software can be easily tampered with by cybercriminals.

Microsoft Teams

Microsoft Teams is built on Office 365 hyper-scale. The strong cybersecurity and compliance controls create a sturdy groundwork to prevent phishing attempts or ransomware attacks. The two-factor authentication process in Teams protects accounts from identity theft. Also, encrypting user data transmissions using the Secure Real-time Transport Protocol (SRTP) prevents potential data leaks. It further ensures risk-free document sharing and data storage in Teams.

Teams stores sensitive data in SharePoint, OneDrive for Business, Exchange, Stream, and Groups. To fetch any information from these controlled repositories, one needs eDiscovery rights.

With Teams, attendees can be easily managed in meetings, keeping user access transparent. If you want to allow guest users to attend your meetings, you can do so while retaining complete control over your environment. You can even restrict users from sharing any content. Additionally, Teams integrates advanced AI for automating the detection of bullying, trolling or illicit messages in chat and conversations. All this adds up to an enhanced collaboration experience that keeps you safe.

Summary

As a key player in collaboration, Microsoft Teams pledges to secure user information, complying with more than 90 regulatory standards and laws. If you are using Teams for collaboration, you can remain confident that your privacy is Microsoft’s priority and commitment.

Coming back to comparing Zoom with Teams, I would suggest using Zoom for having public conversations only. But if you are an organization that doesn’t compromise on security at all, then Teams is definitely a valid choice for you.

Stay Safe! Know more about adoption, governance and automation for Microsoft Teams in our articles.

April 08, 2020

Security, Document Tracking and Sharing with AIP

The world is witnessing a huge upswing in remote work amid the COVID-19 outbreak. One of the most important aspects in such a scenario is airtight security across an organization’s environment. TeamsHub by Cyclotron secures confidential data and prevents potential data breaches through enhanced governance using Information Rights Management (IRM), document tracking through Azure Information Protection (AIP) and external file sharing.

Introduction

TeamsHub by Cyclotron is an automated governance platform for Microsoft Teams. It saves IT departments overheads and provides secure operation continuity by integrating the best-in-class features from Azure and Office365. In this article, we explore the various aspects of security, document tracking, and sharing using AIP, IRM, and others.

Microsoft published an article intended for IT professionals yesterday. It covers important privacy and security aspects of Microsoft Teams. The full article is listed here.

One particular section of interest in governance is preventing cybersecurity threats using various tools. Sensitivity labeling, cloud app security, data loss prevention, and advanced threat protection are some of them. Additionally, protecting identity and account access is another section of note in the article.

As a matter of fact, TeamsHub by Cyclotron allows many ways to automate governance and protect data using AIP and IRM for security, document tracking, and sharing. This helps with security and compliance for Microsoft Teams. As a result, heavily regulated industries such as Banking, Finance, Insurance, Healthcare, and Lifesciences will find this especially useful. Let us take a look at some of them.

Security: Sensitivity Labeling and Guest Access

The automated governance features in TeamsHub by Cyclotron provide a rich set of flexible options. Firstly, create a Team as either Private or Public. Depending on this setting, information is accessible to either a select or a large section of users. Private access allows team members to collaborate without sharing information. Also, you can mark the Team as confidential or restricted. A public Team’s information is available to everyone. Furthermore, in addition to Team visibility, guest access can also be configured.

Security and Document Sharing: Information Rights Management (IRM)

Our governance feature set provides IRM, which systematically safeguards sensitive corporate data from possible leaks. Prevent unintended users from seeing, editing, downloading, sharing and printing documents. This depends on the setting of that document, and access auto-expires after a specified time.

Apply IRM settings directly using TeamsHub by Cyclotron, through a team-level tile view. This is more convenient than navigating to a SharePoint Document Library or going through the SharePoint Admin Center.

Security and Document Tracking: Azure Information Protection (AIP)

In any organization, collaboration involves internal and external users such as vendors, contractors, and agencies. Files or documents need to be shared only with the intended audience. Protect sensitive information outside the organization.

Using AIP, administrators can automate tasks. Document tracking, setting expiry dates for access, or revoking access based on unexpected or unusual behaviors can all be configured. Moreover, access to a protected document sends a notification using AIP. TeamsHub by Cyclotron allows users to actively monitor document access. This can be done through a usage report which shows any failed access attempts.

Security, Document Sharing and Tracking: External File Sharing

Is external file sharing different than adding a guest to the Team? Yes – share selective content with people outside the organization. Moreover, these users are not members of any team. In such scenarios, administrators need to be vigilant of users’ activities. Moreover, administrators must monitor the permissions granted on shared content and the time limit before expiry. TeamsHub by Cyclotron provides a unified interface to bring up all externally shared files. This is one of the key governance aspects for administrators.

TeamsHub by Cyclotron provides two types of interfaces. First of all, a unified view of all externally shared files across the tenant. Furthermore, a team-level interface that shows the files externally shared by that team.

Provide access via a link to the document or to the document itself, as below:

Can Edit – shared for collaboration with read-write access.
Can View – read-only access to the document.
Stop sharing – mistakenly shared documents or suspicious activities detected.

Finally, it is more imperative than ever to upgrade to virtual collaboration across geographical boundaries. This helps the organization to operate without any slowdown or, worse, shutdown during emergency situations or crises. Consequently, automating governance and streamlining administration can help in creating a remote workforce very rapidly. TeamsHub by Cyclotron understands these needs and has inbuilt security for collaboration and compliance. This, along with simplified governance, enables your organization’s productivity to remain unscathed and uncompromised.

Other Reading

Governance Best Practices for Microsoft Teams
Automate Top 5 Governance Features in Microsoft Teams

April 06, 2020

Automate Microsoft Teams Governance using TeamsHub by Cyclotron

In this article we deep dive into the technical aspects to match theory to practice. Managing a complex environment such as Microsoft Teams can be challenging. We will list out a few real-world scenarios for automating Microsoft Teams governance and demonstrate how TeamsHub by Cyclotron helps solve them.

For our previous article on Microsoft Teams governance best practices – click here

NOTE: The user interfaces have been slightly modified or masked to prevent plagiarism.

Scenario 1

Complex PowerShell Operations: In Microsoft Teams, an administrator is required to create and manage Teams’ governance through complex PowerShell commands.

Our answer to this problem is a simplified solution and interface. We empower administrative capabilities for enhanced control. We believe in automating the workload and tasks in the background. No more PowerShell commands. Say hello to automated Microsoft Teams governance.

A beautifully designed interface collates all Teams together. It also provides other details such as members, owners, tags, public or private, etc. in a single pane of glass. We also provide the total number of teams as a quick reference to the sprawl in the environment. The image below shows the administrative interface available today to streamline manual tasks with various commands.

In addition, we provide Site Provisioning. It allows you to automate Microsoft Teams governance for site creation and management. This is achieved by:

Utilizing dynamic forms and external workflows.
Defining naming policies based on custom attributes and by using templates.

After the above setup, the following screen will show up for an end-user when requesting site creation.

Scenario 2

General Governance: Microsoft Teams allows anyone to create a team and its associated SharePoint sites. Eventually, a multitude of Teams causes duplicate naming, inappropriately named teams and frustrated users. Consequently, this may also lead to orphaned teams and owners, leading to information loss.

We provide a user-friendly interface to automate Microsoft Teams governance, expiration policy, and guest access for external users. Using our Governance settings, administrators can manage Teams’ creation and lifecycle using automated workflows. Other settings include managing guests and naming policies based on standard blocked words and custom blocked words. In addition, we can set up expiration policies for each team via a set of rules and notifications such as:

Notifications to alert team owners on certain actions that need to be taken.
Alerts during the period of inactivity before Teams can be disposed or archived.

Scenario 3

Teams Classification: Most of the time, finding the right information, content or people is a tedious operation. This is true for both administrators and end-users. Firstly, administrators have a hard time finding the owner or members of a team. Secondly, it is hard to tell whether the team is correctly classified by a label or tag for discoverability.

TeamsHub by Cyclotron provides unified tagging and classification. This helps derive quick information and reduces overheads by updating multiple teams in one go.

TeamsHub by Cyclotron enables the assigning of organization-specific classification. Administrators can publish organizational tags to appropriate groups, whereas users can create and remove personal tags on their own groups. With this in mind, administrators can create Hubs – frequently used sites grouped by certain criteria. This helps end-users find the right information quickly without having to search for it.

Manually adding and editing details per team is a tedious and time-consuming process – ask an administrator. Such updates include members, owners, description, and classification of Teams. So, we provide an easy-to-use feature called Bulk Update to address this issue. Bulk Update gives administrators editing capabilities across multiple teams in a single attempt. No more tedious processing and updating of details one by one.

Scenario 4

Advanced Search and Reporting: Better search functionality helps funnel information. This can be achieved by defining filters to get the desired result. The screen below shows the search functionality.

Our Interactive Reporting allows administrators to gain smart insights. Actionable reports on various criteria such as metadata usage, team usage, or device and browser segmentation are available. Reports can also be exported to other formats such as Excel and JSON to integrate with third-party visualization tools. We provide native integration with PowerBI as well.

Scenario 5

External Document Sharing, Data Protection, and Security: Collaboration involves external vendors and third-party contractors as well. With this in mind, sharing documents with guest users requires some caution and inbuilt checks to prevent data leaks.

We have automated robust supervision and document tracking for sharing confidential data with external parties. We provide best-in-class features of Office365 and Azure – Azure Information Protection, Data Loss Prevention and Information Rights Management. Additionally, we provide administrators a unified view of externally shared content.

Our solution called Enhanced Security provides automatic provisioning of Information Rights Management (IRM) policies. Together with integrated Data Loss Prevention (DLP) policies, this enables administrators to manage, track and revoke access for all externally shared documents in a single place.

In summary, TeamsHub by Cyclotron provides a robust set of automated governance tools to help administrators manage Microsoft Teams efficiently. Using governance best practices as features in TeamsHub by Cyclotron helps address some of the most pertinent issues. These are Teams sprawl, content sprawl, and security, as well as structure and permission models. In addition, we provide advanced Office 365 features such as IRM and DLP along with AIP.

About Cyclotron

Cyclotron was proudly founded in San Francisco in 2014 with the sole intent of accelerating the success of our clients. We solve mission-critical business and technology challenges through a proven network of industry-specific frameworks. We’re a trusted strategic partner to many innovative organizations in the financial, health and life sciences, public, retail, and technology sectors. Our solutions, combined with your investment with us, boost productivity, enhance collaboration, and integrate intelligence across your entire enterprise.