OnPar Technologies will be requiring the implementation of Multi-Factor Authentication (MFA) by all Office365 and Microsoft365 customers by the end of February 2021. The hugely popular application attracts hackers looking for security weaknesses. This makes Office 365 MFA the most important security measure to protect the world’s most used SaaS business system.
With more than 135 million commercial monthly users, Office 365 is a hot target for attacks. Last year, headlines were made when hackers used brute-force techniques to attack Office 365 accounts of high-level employees at 48 different Fortune 2,000 organizations. The attack, which followed a measured pace to avoid early detection, used coordinated attacks to try different versions of employees’ usernames and passwords, eventually leading to 100,000 failed login attempts.
Office 365 email attacks continue to gain popularity, giving the hacker access to a single email account that is then used to spear phish other accounts within and outside with organization. This kind of attack can be prevented with the use of multi-factor authentication (MFA).
Office 365 MFA requires the password and one more verification method when signing in to O365. Microsoft includes the following additional verification methods: a randomly generated pass code sent via text message, a phone call, or an application that can be installed on a mobile device.
Phishing attacks are taking advantage of the popularity of Office 365 by leading users to malicious web pages, designed to look like the O365 login page. The purpose of this type of account is to take over control of the account and use it launch additional attacks. Office 365 multi-factor authentication would stop the hacker from accessing the account since they would not have the second factor.
The final type of attack worth mentioning when discussing the important of MFA, is privileged access attacks. Last year, the KnockKnock campaign targeted accounts with elevated privileges. The botnet attack went after service accounts that are not monitored regularly and did not use multi-factor authentication.
Protecting the sensitive data stored in Office 365 comes down to preventing various attacks designed to gain access to the data and the account itself. Office 365 MFA is critically important to limiting unlawful access to the world’s most popular SaaS business system and this is why OnPar Technologies will now be requiring this feature. This feature comes at no additional monthly cost. But, if your company decides that MFA would be unproductive or a hindrance for any reason to your organization, you can simply sign the waiver form to opt out of this important security feature.