April 21, 2020

Cloud Security for Financial Markets using Microsoft Teams

We explore the security considerations for financial institutions that have a ton of confidential and sensitive data. Also, we further look at Microsoft Teams and how it can help collaboration in the office or remotely for such heavily regulated industries.
Cloud Security for Financial Markets

Introduction

Cybersecurity risks have always befuddled financial institutions and capital markets when it comes to moving to the cloud. The emergence of cloud services paved a way for mobile breakthroughs and real-time data analysis. Payment card numbers, social security numbers, user passwords, business plans, financial records, and every other sensitive information can rest on the cloud. Cloud security if compromised has grave implications for financial markets.

Their concern for security and compliance regulations is understandable as protected data must not travel beyond national borders. Greatest fears that plague financial markets today are online frauds, scams, privacy breaches, money laundering, and lending discrimination.

However, organizations that chose to migrate their services to the public cloud gained a massive competitive advantage over their rivals recently. Cloud-based collaboration platforms such as Microsoft Teams, empowered businesses by driving user engagement and productivity. In fact, continuous security improvement in the public cloud is inspiring more and more organizations to become a part of the shared platform.

So, can financial organizations and capital markets also rely on the public cloud? Can public cloud fulfill global compliance requirements for financial markets?

Cloud Security

Microsoft’s endeavor to provide an additional layer of security for organizations that need greater visibility and control over their cloud services is commendable. Let’s explore how Microsoft hardwires cloud security in its operational framework to manage risks for financial markets using Office365 and Microsoft Teams.

Service Level Security

Microsoft 365 has built-in service-level security that splits into physical, logical and data layers. Microsoft’s data centers are under high surveillance for security at a physical level. Smart cards, biometric scanners, and two-factor authentication are security checkpoints for service access. Similarly, at the network level, protocols and port numbers follow firewall rules and tiered access control lists to disallow invasion.

At the logical level, Microsoft 365 follows the software security assurance process during every stage of the Security Development Lifecycle (SDL). Automated operations on hosts and apps and Microsoft Lockbox reduce human intervention. Additionally, anti-malware software does not let malicious code corrupt the systems. Microsoft also sequesters an infected system to control the spread. It performs regular system patches such as hotfixes, perimeter vulnerability scanning too.

Microsoft also segregates co-tenant data using Active Directory for Microsoft 365. It is compliant with cryptographic standards such as SSL, TLS, AES, etc. to encrypt data in transit as well. It secures data at rest using BitLocker encryption. Updates to files ensure that the key renews thus preventing breaches.  

Email Threat Protection

Office 365 employs advanced threat protection for Exchange Online. Using Machine learning (ML), email attachments are scanned and marked safe. This prevents malicious code spread across the tenant. Real-time protection of emails detects malicious URLs and blocks them so users and data remain unharmed even if they click it accidentally. Furthermore, Microsoft scans trillions of signals across the web to detect malicious URLs and virus origination points.

Security Monitoring

Microsoft’s Operation Security Assurance (OSA) strictly adheres to regulatory standards such as ISO 27001, SSAE 16 SOC1 Type II and HIPAA. Microsoft’s operational security processes conforms to the latest business requirements and standards. Office 365 governs applications through internal and external audits for continuous monitoring and identification of operational risks.

Rights Management Service

With Azure Rights Management Service (RMS), Microsoft ensures the safety of sensitive content that is shared. This restrains users from performing critical actions on data. Also, accessing the content is not possible by external partners if their Office 365 environment is incompatible. To freely collaborate with clients, partners must migrate to Azure RMS.

Data Loss Prevention

Data Loss Prevention (DLP) is yet another intelligent service that Office 365 offers to its customers. It can locate sensitive information hidden in messages or files. It then applies policy tips you configured about what action needs to be taken. Most organizations use DLP to search for credit card numbers, insurance numbers and other identification numbers.

Secure MIME

Secure Multipurpose Internet Mail Extension (S/MIME) is used to send secure emails by encrypting the data. The digitally signed message can be decrypted by the recipient with a private key so that it can’t be deciphered by anyone during transit or at rest. S/MIME offers authentication and integrity for electronic messaging, especially required in B2B, B2C and government use cases.

Transport Layer Security

For setting up secure connections with partners, Transport Layer Security (TLS) is used by organizations. TLS are cryptographic protocols that encrypt the connection between two hosts and not messages. TLS uses security certificate to ensure a secure channel of communication with a business partner who doesn’t use Office 365 environment.

Federated Identities and Multi-factor Authentication

Microsoft integrates Azure Active Directory platform with Active Directory Federation Services to extend advanced access control capability. A federation trust is established between on-premises Active Directory and Office 365 suite. Users who have federated identities can access Office 365 cloud services using their Active Directory corporate login credentials.

Cloud services are accessed by multiple devices regardless of location or network. Hence multi-factor authentication is must to create a protected layer of defense against intrusion. Multifactor authentication requires two or more login credentials from independent categories to validate user’s identity.

Assume Breach Approach

To prevent breach, Microsoft keeps enhancing its built-in security features including port scanning, network level boundaries, DDoS prevention etc. Advanced AI intelligently detects security breaches and sends alerts by monitoring internal security systems and customer actions.

Access to confidential data is instantly ceased in case of a security breach and the concerned parties are notified. Finally, to recover from the breach, the system automatically updates and audits the affected part of the system to discover system fragility and weaknesses.

Office 365 Compliance

Microsoft’s cloud services fully comply with industrial and government standards to safeguard customer’s data against illegitimate transfer or use. It has acquired accreditation namely SAS 70/SSAE 16, ISO 27001, HIPAA, EU Safe Harbor, FISMA, and PCI DSS. Microsoft is also responsible for sharing the reports of audits of information security policy conducted by experts annually.

Secure Collaboration with Microsoft Teams

Microsoft Teams is a cloud-based multi-function collaboration platform that facilitates seamless and secure communications for financial institutes and other organizations to transform their business operations while complying with regulations. Organizations that have adopted Microsoft Teams are experiencing a massive rise in user engagement and overall productivity in virtual workspace.

Here’s why you can trust Microsoft Teams:

Governance Controls

Managing integrated applications is a controlled process in Microsoft Teams. Hence, create collaboration spaces by trusted content owners or stakeholders. Users need to justify the purpose of their groups. Maintain collaboration best practices for access and ownership. Control third-party integrations using administrators at the team level.

Policy Enforcement

Microsoft Teams allows automating properties and naming conventions when user creates a group or team. It facilitates easier discoverability of teams and information they hold and restrain inappropriate usage of words. Also, configuring group expiration policies saves a lot of time in information lifecycle management.

Secure User Identities

Compromised identities lay a stronghold for credential leakages, anonymous sign-ins or other suspicious activities. Microsoft Teams implements Azure Risks Policies to protect user identities girding organizations to remediate potential attacks.

Intelligent Security Graph

Intelligent Security Graph uses machine learning, AI and behavioral analytics to derive rich threat insights. It helps organizations to detect cyberattacks and speed up the remediation process. It also helps Microsoft to brace its products and services. To embed threat protection capabilities, Microsoft integrates Office 365 Advanced Threat Protection (OATP), Microsoft Defender Advanced Threat Protection (MDATP),  Windows Defender System Guard (WDSG), Microsoft Cloud App Security (MCAS), and Azure Advanced Threat Protection (AATP) security solutions in Office 365 productivity suite.

Insider Risk Management

Once again Microsoft leverages machine learning as a savior when to comes to spot insider risks. Insider Risk Management helps mitigate accidental or intentional data leakages by employees. Employees when leaving organizations are very likely to download or copy company’s legal information, marketing content, product designs or employee private data for personal use or to show them to future employers. Insider Risk Management solution intelligently identifies exfiltration patterns, analyses potentially risk user behaviors and surfaces key activities for internal investigators to examine.

Security and Governance using TeamsHub by Cyclotron

Automate most of the security and governance controls in Microsoft Teams using TeamsHub by Cylotron. Streamline administration, cloud security with Microsoft Teams for financial markets. For more information on security please read the article on Security, Document Tracking and Sharing with AIP. For more articles on governance and best practices please visit our blog

Summary

Cloud security is one of the foremost concerns for financial markets. Consequently, adopting cloud and enabling a robust and secure framework for productivity and collaboration in the office or remotely can be achieved using Microsoft Teams. Furthermore, TeamsHub by Cyclotron can enable a lot of security features with little effort.

Suggested Reading

Office365 Advanced Threat Protection

Read more

April 13, 2020

Zoom vs Microsoft Teams – Security and Privacy in a COVID-19 world

Our POV on the Zoom v Microsoft Teams debate.
Zoom v Teams - security and privacy

Introduction

In this article we take a look at the Zoom security flaws, some of Microsoft Teams strength and how we can keep video conferencing secure and private while enabling remote work in a post-COVID-19 world.

Virtual collaboration platforms such as Zoom and Microsoft Teams are phenomenal sources of unified communications. In the age of remote and mobile work, they enable continuous operability. Ever since the COVID-19 pandemic began, there was an instant demand for everything to be virtual. Corporate clients, government entities, schools, and institutions; all have chosen video conferencing and live streaming to continue operations. However, when hundreds of millions of users are interacting through any platform, the security of data continues to be a concern.  

The news of bombing a Zoom meeting aka Zoom bombing scandal has been doing the rounds nowadays. Shockingly, it allowed hackers to infiltrate chat rooms with profane content. Moreover, anyone could easily access or see the shared content online through Zoom. This all sums up to show that Zoom is vulnerable to threats and data exposure as well.  

As per the latest reports, Zoom’s services are now being discarded by many due to its serious security loopholes. Consequently, people are now in a fix asking a question of which platform is right to use? Is Teams the one to bank upon for all communications and safety-related issues?  

Though Zoom and Teams equally serve their best in creating video-collaboration culture, there are security differences that set them apart. Before we read about Teams security practices, let us first demystify the underlying causes of Zoom’s vulnerability: 

Zoom

Anyone can join a Zoom meeting using a shared link without downloading any software. It is Zoom’s most enchanting feature that triggered its whopping usage worldwide.  

On the verge of making its services easy to its customers, Zoom enabled browser interface for one-touch meeting joins from standards-based video endpoints. It eventually caused Zoom connector application to create unsecured URLs lacking authentication controls to login to the Zoom cloud. Sadly, it leaves a giant room for unauthorized users to easily control video endpoints from any browser without login credentials. They can manipulate cameras, make calls and invoke device settings without permission. 

Along with other security issues, Zoom is also found to be using a weaker encryption algorithm to encode audio and video data. Needless to say, the software can be easily tampered by cybercriminals. 

Microsoft Teams

Microsoft Teams is built on Office 365 hyper-scale. The strong cybersecurity and compliance controls create a sturdy groundwork to prevent phishing attempts or ransomware attacks.  

The two-factor authentication process in Teams protects accounts from identity theft. Also, encrypted user data transmissions using Secure Real-time Transport Protocol (SRTP) prevents potential data leaks. It further ensures risk-free document sharing and data storage in Teams. Teams stores sensitive data in SharePoint, OneDrive for Business, Exchange, Stream, and Groups. To fetch any information from these controlled repositories, one needs eDiscovery rights. 

With Teams, attendees can be easily managed in meetings keeping the user access transparent. If you want to allow guest users to attend your meetings, you can do it while retaining complete control over your environment. You can even restrict users to share any content. Additionally, Teams integrates advanced AI for automating the detection of bullying, trolling or illicit messages through chat and conversations. All sumps up to provide you an enhanced collaboration experience covering you with safety. 

Summary

As a key player in collaboration, Microsoft Teams pledges to secure user information complying with more than 90 regulatory standards and laws. If you are using Teams for collaboration, you must remain confident that your privacy is Microsoft’s priority and commitment. Coming back to comparing Zoom with Teams, I would suggest using Zoom for having public conversations only. But if you are an organization that doesn’t compromise with security at all, then definitely Teams is a valid choice for you. Stay Safe!  

Know more about adoption, governance and automation for Microsoft Teams in our articles.

Read more

April 08, 2020

Security, Document Tracking and Sharing with AIP

The world is witnessing a huge upswing in remote work amid the COVID-19 outbreak. One of the most important aspects in such a scenario is airtight security across an organization’s environment. TeamsHub by Cyclotron secures confidential data and prevents potential data breaches through enhanced governance using Information Rights Management (IRM), document tracking through Azure Information Protection (AIP) and external file sharing.

Introduction

TeamsHub by Cyclotron is an automated governance platform for Microsoft Teams. It saves IT departments overheads and provides secure operation continuity by integrating the best in class features from Azure and Office365. In this article, we explore the various aspects of security, document tracking, and sharing using AIP, IRM, and others.

Microsoft has published an article intended for IT professionals yesterday. It provides important privacy and security aspects for Microsoft Teams. The full article is listed here.

One particular section of interest in governance is preventing cybersecurity threats using various tools. Sensitivity labeling, cloud app security, data loss prevention, and advanced threat protection are some of them. Additionally, protecting identity and account access is another section of note in the article.

As a matter of fact, TeamsHub by Cyclotron allows many ways to automate governance and protect data using AIP and IRM for security, document tracking, and sharing. This helps with security and compliance for Microsoft Teams. As a result, heavily regulated industries such as Banking, Finance, Insurance, Healthcare, and Lifesciences will find this especially useful. Let us take a look at some of them.

Security: Sensitivity Labeling and Guest Access

Automated governance features in TeamsHub by Cyclotron particularly provides a rich set of flexible features. Firstly, create a Team as either Private or Public. Information is now accessible to either a select or large section of users because of this setting. Private access allows for team members to collaborate without sharing information. Also, you can mark the Team as confidential or restricted. A public Team’s information is available to everyone. .

Automated Governance Team Details

Furthermore, in addition to Team visibility, guest access can also be configured.

Team Governance Settings

Security and Document Sharing: Information Rights Management (IRM)

Our governance feature set provides IRM which systematically safeguards sensitive corporate data from possible leaks. Prevent unintended users from seeing, editing, downloading. sharing and printing documents. This depends on the setting of that document and auto-expires access after a specified time.

Apply IRM settings directly using TeamsHub by Cyclotron. This is through a team-level tile view. Not to mention that this is a convenient method instead of navigating to a SharePoint Document Library or through the SharePoint Admin Center.

Information Rights Management

Security and Document Tracking: Azure Information Protection (AIP)

In any organization, collaboration involves internal and external users such as vendors, contractors, and agencies. Files or documents need to be shared only with the intended audience. Protect sensitive information outside the organization. Using AIP, administrators can automate tasks. Document tracking, setting expiry dates for access or revoking access based on unexpected or unusual behaviors can all be configured. Moreover, protected document access sends a notification using AIP.

TeamsHub by Cyclotron allows users to actively monitor document access. Of course, this can be leveraged through a usage report which shows any failed access attempts.

Azure Information Protection

Security, Document Sharing and Tracking: External File Sharing

Is external file sharing different than adding a guest to the Team? Yes – share selective content with people outside the organization. Moreover, these users are not members of any team.

In such scenarios, administrators need to be vigilant of users’ activities. Moreover, administrators must monitor permissions granted on shared content and time limit before expiry.

TeamsHub by Cyclotron provides a unified interface to bring up all externally shared files. This is one of the key governance aspects for administrators

TeamsHub by Cyclotron provides two types of interfaces. First of all, a unified view of all externally shared files across the tenant. Furthermore, a team-level interface that shows externally shared files by that team.

Document Sharing and Tracking

Provide access via a link to the document or to the document itself as below

  • Can Edit – shared for collaboration with read-write access.
  • Can View – read-only access to the document
  • Stop sharing – mistakenly shared documents or suspicious activities detected.

Finally, it is imperative more than ever to upgrade to virtual collaboration across geographical boundaries. This helps the organization to operate without any slowdown or worse shut down during emergency situations or crises. Consequently, automating governance and streamlining administration can help in creating a remote workforce very rapidly.

TeamsHub by Cyclotron understands these needs and has inbuilt security for collaboration and compliance. This along with simplified governance enables your organization’s productivity to remain unscathed and uncompromised.

Other Reading

Read more

Read more