Cybersecurity Blog

13 min read

How to Set Up Office Message Encryption (OME)

By Harpreet Singh Wasu on Jun 19, 2020 2:51:50 PM

In this blog post, we'll be giving you the step-by-step instructions for configuring Office Message Encryption. I have to say they aren't for the faint at heart! Enabling OME is much more difficult than the other Microsoft email security products such as Office 365 ATP, Exchange Online Protection, or configuring DKIM, DMARC, and SPF.

Topics: Office 365 Cybersecurity Step-by-Step Guide
7 min read

Office 365 Advanced Threat Protection: Plan 1 vs Plan 2

By Julia Chester on Jun 5, 2020 5:37:12 PM

Office 365 Advanced Threat Protection (ATP) protects you by preventing dangerous links and malicious attachments from entering your organization via email and other tools (like SharePoint, OneDrive, and Teams). In the rare occasion that Office 365 ATP somehow fails to intercept these dangers, the automated investigation and response feature will kick in and remediate the breach. 

Security is essential but it isn't one size fits all. In this blog post we'll go over the differences between the features and pricing for Office 365 ATP Plan 1 and Plan 2 (aka P1 and P2) so you can decide which option best fits your security needs. Already have the license and just looking to implement ATP? Read our blog post How to Set Up Office 365 Advanced Threat Protection.

Topics: Office 365 Microsoft 365 Cybersecurity
5 min read

Microsoft Authenticator App (MFA the easy way)

By Julia Chester on May 21, 2020 2:41:47 PM

I am busy. I have a sneaking suspicion that you are too. However, until recently, I donated precious time, multiple times a day, to getting out my phone and typing in a six digit code to authenticate my accounts. I get that we need security, but does Multi-Factor Authentication have to be this annoying?

Topics: Cybersecurity
4 min read

How to Set Up Exchange Online Protection

By Catalin Alaci on May 17, 2020 7:10:26 PM

In this blog post, we're going to walk you through the step-by-step process for setting up Exchange Online Protection (EOP). Although setting up Exchange Online Protection is important, it is only one portion of a comprehensive email security strategy. This blog is the 2nd post of a 5 post series titled Email Security: The Complete Guide. The 5 steps to email security are:

  1. Configure DKIM, DMARC, SPF
  2. Deploy EOP (Exchange Online Protection) - this post
  3. Set up Office Message Encryption
  4. Enable Office 365 ATP (Advanced Threat Protection)
  5. Enable Office 365 MFA with Authenticator App
  1.  
 
Topics: Office 365 Cybersecurity Step-by-Step Guide
5 min read

How to Set Up Office 365 Advanced Threat Protection

By Harpreet Singh Wasu on May 17, 2020 4:46:03 PM

In this blog post, we're going to walk you through the step-by-step process for setting up Office 365 Advanced Threat Protection (ATP). Although setting up ATP is a great move, it is only one portion (though an important one) of a comprehensive email security strategy.

This blog is the 4th post of a 5 post series titled Email Security: The Complete Guide. The 5 steps to email security are:

  1. Configure DKIM, DMARC, SPF
  2. Deploy EOP (Exchange Online Protection)
  3. Set up Office Message Encryption
  4. Enable Office 365 ATP (Advanced Threat Protection) - this blog
  5. Enable Office 365 MFA with Authenticator App
Topics: Office 365 Cybersecurity Step-by-Step Guide
10 min read

Spear Phishing vs. Phishing: The Difference And How To Prevent It

By Julia Chester on Apr 17, 2020 1:23:05 PM

As many companies shift their operations online (and their employees shift into their “daytime jammies”) so too must their attention shift to cybersecurity. In our current COVID-19 conundrum many companies are moving strictly online. With these moves, data protection is more important than ever. Small and Midsize Businesses (SMBs) are no exception. Despite the fact that 67 percent of SMBs experienced a cyberattack last year (according to Keeper Security’s report of 500 senior SMB decision makers) 66 percent still believe that a cyberattack is unlikely and 60 percent do not have a cyberattack prevention plan in place. No company is too big or too small to be hacked and the results can be devastating. The average cost of a cyberattack on SMBs is $200,000, after which most companies must close shop. Phishing is an issue we all face. So, let’s face it, shall we?

Topics: Office 365 Cybersecurity Step-by-Step Guide
23 min read

Azure AD Identity Protection: 17 Best Practices

By Bruno Lecoq on Oct 22, 2019 12:29:29 PM

A successful Zero Trust strategy requires seamless and flexible access to applications, systems, and data while maintaining security for both users and the resources they need to do their jobs. It requires being cloud-ready, starting with identity, and then taking steps that will help secure all areas of your environment. Here's what you need to implement for Azure AD Identity Protection:

Topics: Azure Cybersecurity Step-by-Step Guide

Will Your Business Get Hacked? (Quiz)

By Brandon Lecoq on Sep 24, 2019 9:35:04 AM

The team at BEMO came up with the most important questions to ask any business owner or company executive when determining their risk of a data breach. These questions (which take 5 minutes or less to answer) illuminate whether a business has the infrastructure to identify, classify, prevent, and remediate the most common cyber-attacks.
Click on the survey to begin. 

Topics: Cybersecurity
5 min read

Office 365 MFA Setup: Step-by-Step Instructions

By Bruno Lecoq on Sep 16, 2019 1:55:00 PM

With 81 percent of data breaches being due to weak, reused, or stolen passwords, turning on Multi-Factor Authentication (MFA) for all of your apps is necessary. In this article, we'll show you how to setup MFA for your Office 365 account paired with the Microsoft Authenticator smartphone app.

While setting up MFA is an essential step, it is only one portion of a five step comprehensive email security strategy. This blog is the 5th post of a 5 post series titled Email Security: The Complete Guide. The 5 steps to email security are:

  1. Configure DKIM, DMARC, SPF
  2. Deploy EOP (Exchange Online Protection)
  3. Set up Office Message Encryption
  4. Enable Office 365 ATP (Advanced Threat Protection)
  5. Enable Office 365 MFA with Authenticator App (this post)
Topics: Office 365 Cybersecurity
2 min read

Azure MFA Loophole: Why am I still under attack?

By Brandon Lecoq on Aug 28, 2019 9:11:05 AM

I was approached by the Head of IT for a 70-something person company via LinkedIn, wanting an independent review of their environment. I thought sure, let's schedule a call to go over the details. This guy's company had an IT infrastructure of the future; the most well-prepared lead I had ever dealt with! Everyone in the company worked from home, connecting through a remote desktop, multi-factor authentication (MFA) was turned on for everyone, and they were all managed by Azure Active Directory (AD). On top of all that they already had tools to monitor their environment. This was going to be the quickest and easiest penetration test we had ever done! 😁

Topics: Azure Cybersecurity
12 min read

MxToolbox: How to Enable SPF, DMARC, and DKIM

By Bruno Lecoq on Jun 28, 2019 9:49:45 AM

In this blog post, we're going to walk you through configuring SPF, DMARC, and DKIM. While this is an essential step, it is only one portion of a comprehensive email security strategy. This blog is the 1st post of a 5 post series titled Email Security: The Complete Guide. The 5 steps to email security are:

  1. Configure DKIM, DMARC, SPF (this post)
  2. Deploy EOP (Exchange Online Protection)
  3. Set up Office Message Encryption
  4. Enable Office 365 ATP (Advanced Threat Protection)
  5. Enable Office 365 MFA with Authenticator App

MxToolbox is an indispensable (free!) tool every IT and security team. We use it as part of our arsenal of tools for protecting our clients’ emails, ensuring we have enabled Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC). Don’t know what this gibberish means? No worries, we’ll explain what they mean, why they’re important, and how to enable them. Let’s get started!

Topics: Cybersecurity Step-by-Step Guide