Office 365 Admins Targeted in Ongoing Phishing Scam

This is not unexpected.  Cybercriminals are fairly smart and they are motivated to target the resources with the greatest and/or most effective access.  As more and more of the world moves their respective Exchange and Active Directory resources to the cloud, O365 and Azure administrators move up the valued target list.

This article simply points out something we have known for some time.  We must take phishing threats and associated awareness training seriously.  This must become a priority for every organization, large and small.  This issue also places a brighter spotlight on the security associated with service providers and 3rd party administrators.  Make sure your security controls take those resources into consideration as well.

https://threatpost.com/office-365-admins-phishing/150352/

2FA Login Failure in Office 365 and Azure

This is a very difficult situation from an IT security perspective.  Multi-factor authentication is a necessary step for the security of many systems and applications, especially those that are cloud hosted.  These types of outages can and will shake the confidence of users and make the move to multi-factor authentication that much more difficult to pursue and expand for IT security professionals in organizations.

https://www.infosecurity-magazine.com/news/2fa-login-failure-in-office-365/

Office 365 subscribers are getting unlimited OneDrive storage – Good or Bad?

Kudos to everyone who can take advantage of this deal.  I am a huge fan of free disk.  That said, more and more of our lives are ending up in the cloud.  Are you considering how you keep that data safe?  do you trust the provider or do you take the reins or do you do a little of both?

http://www.engadget.com/2014/10/27/microsoft-office-365-onedrive-unlimited/?ncid=rss_truncated