Fake Bosses, COVID-19, and Darth Vader: Interns Learn to Safeguard Against Every Threat

5 min read
July 13, 2020

"Safeguard against every threat..." It's what the CEO advised our five-year-old interns Joey and Walt to do. In the past several weeks they've learned a great deal, all while working from home under COVID-19. If you haven't checked out this cute video series, you can watch their adventures on our YouTube page. Here we'll go over some of the insights they've reached and the Microsoft tools they've learned how to use.

Microsoft 365 Advanced Threat Protection: Block Username Impersonation

Picture shows Joey shocked to see that a sender is impersonating his boss.

 

Advanced Threat Protection is a part of Microsoft 365 (formerly called Office 365) that focuses on keeping your organization safe from emails with malicious content. In our video clip, Joey is excited to see that the boss has sent an email asking him to order gift certificates for the whole company. But after some discussion, the interns realize there's something fishy about this request. When he takes a closer look, Joey's shocked to see that the sender of the email is not actually the boss he works with. Luckily ATP has alerted him of this. Its anti-phishing capabilities use machine learning models and advanced impersonation-detection algorithms to detect when these deceitful attacks are attempted. If you prefer, you can have these emails automatically deleted or sent to your spam folder.

 

Business Voice in Microsoft Teams

Video shot shows Walt spitting out his drink in surprise.

 

While practicing receptionist duties, Walt responds to a caller looking for an Oracle database. He's so surprised by the request, he spits out his drink. (Infused Innovations focuses on Microsoft SQL, the superior database choice!) With Business Voice, a part of Microsoft Teams available for companies with less than 300 users, those kinds of calls could be directed appropriately before they ever got to him. That way he wouldn't have to clean up his drink from the floor! If you'd like to save yourself the same headache, you can find out more about Business Voice and other calling plans within Microsoft Teams here.

Windows Hello: Strengthen Your Authentication Methods

Video shot shows Walt reading Joey's shirt for a clue to his account password.

 

Joey challenges Walt to guess his password. After glancing at Joey's T-shirt and adding a few numbers and a symbol, Walt quickly succeeds, declaring, "Passwords are so easy to guess." That's increasingly true, especially for a bot whose purpose is just that. It's been shown that multi-factor authentication and biometric identity verification provide much stronger account security than typical passwords---which are conversely also easy for users to forget, sometimes causing them to leave reminder trails... Windows Hello, Microsoft's biometric fingerprint and facial recognition software, provides options for multi-factor authentication or even going passwordless altogether.

While on the topic, Walt and Joey also learned that with this great technology comes great responsibility. As Microsoft's president Brad Smith has argued, facial recognition technology needs to be used in responsible ways and should be kept in check by government regulation. In the absence of this legal governing, Microsoft has pledged not to sell facial recognition software to police departments.

Insider Risk Management

 

With 4th of July fireworks canceled because of COVID-19, the interns are stuck at home pretending to be Star Wars characters. Darth Vader suspects the whole pandemic is part of a plot to bring down his reign, and he has a feeling his supposed follower General Grievous might be part of an insider threat.

 

Video shot shows General Grievous looking untrustworthy.

 

Vader would do well to take the pandemic seriously and work smartly from home---but his Zero Trust mentality isn't a bad idea. While not every business has such dramatic treason going on, there are various internal activities that can create risk in an organization. These actions may simply be inadvertent---or they may be cases of willful inappropriate employee behavior. Insider Risk Management, a solution within Microsoft 365, helps minimize these internal risks by allowing administrators to detect, investigate, and take action when risky activities are found. These are some of the activities Insider Risk Management helps detect:

  • Confidentiality violations
  • Leaking of sensitive data
  • Intellectual property theft
  • Fraud
  • Insider trading
  • Regulatory compliance violations

Here's what the workflow looks like:

 

Chart shows Insider Risk Management workflow.

 

You can set specific policies for identifying risk indicators. These policies then shape the alerts you receive and the following processes. The workflow is integrated with Microsoft 365 compliance solutions, keeping clear track of breaches, and it has actions available to appropriately respond according to the case. If the offense is minor or inadvertent, a reminder can be sent to the employee(s) using templates you can configure. For serious violations, you can escalate cases to Advanced eDiscovery in Microsoft 365. This provides its own end-to-end workflow to collect, review, analyze, and export content related to investigations, both internal and external (should legal teams become involved).

Safeguard Against Every Threat

Whether your threat is internal policy violation, malicious email scams, or a public health emergency, there are two key takeaways our interns want you to know: 1) Denying the vulnerability will not make you any safer. 2) There are tangible steps you can take to prevent threats from hitting you and your organization. We encourage you to keep informed, stay safe, and continually improve your security. And, go ahead and have a few laughs in the meantime.

 

Stay connected. Join the Infused Innovations email list!

No Comments Yet

Let us know what you think