A username and password are no longer enough to protect your systems if you want to reduce your chances of being hacked by cyber attackers, to the bare minimum.
One of the most common forms of attack is a breach to Microsoft 365 mailboxes. Criminal hackers will compromise your inbox in order to gain access to account credentials. Fake emails can be sent to all your contacts and in business most of your Microsoft 365 contacts are your customers and your suppliers.
When a hacker has access to an account, they can potentially use that account to gain access to others.
Cyber criminals are devising ever new and skilful ways to trick Microsoft 365 users.
This is not good for your reputation or your business.
Two Factor Authentication and Microsoft 365
FACT!
According to a recent cyber study, 80% of data breaches could be eliminated using two factor authentication.
Deploying two factor authentication reduces the opportunity for cyber attackers to access your Microsoft 365 mailboxes
Security and forward thinking with Microsoft 365 Two Factor Authentication
As Qi has mentioned in previous articles, best in class security measures such as 2FA, UTM’s and provisioning additional back up for Microsoft 365 discourage cyber criminals from persisting with gaining illegal access to your systems with the latter mitigating any loss of email box history that you may suffer in the unlikely event that your attacker makes a successful breach.
Two Factor Authentication for Microsoft 365 should be part of your security protocol.
Look at this to see why two factor authentication is such a good thing.
As the link suggests – this is something you can set up yourselves – what the link doesn’t explain is that getting the filters right can prove to be a minefield.
What can go wrong setting up Two Factor Authentication?
If the filters are set unsuitably then your team could end up having to sign in multiple times during the working day – which is not only frustrating for the user but reduces productivity. Your team may begin to resent the changes being made to business systems they rely on to do their job – even if those system changes are deployed for business-critical reasons. A successful 2FA project provides the right balance between security and usability.
If as a business owner. you opt not to deploy 2FA or apply overly lightweight filters then your systems are vulnerable to attack.
Most support companies will caveat the provision of support services to include this sentiment:
“if repeatedly recommended measures are not taken which subsequently require substantial remedial services from the Qi support team, then these problems may not be covered under the Qi Cover contract and we reserve the right to invoice for services” (QiCover Charter)
Using a Business Partner to set up 2FA for your business will provide you with the opportunity to discuss the working habits of your team which can then be considered when setting 2FA up for your business.
Get the Balance right with Microsoft 365 Two Factor Authentication
A Microsoft Business Partner will have a deep understanding of how to set up your authentication protocol to provide the right balance of your protection and usability for your business.
81% of hacking-related breaches leveraged either stolen and/or weak passwords.
These statistics do not only relate to Microsoft 365 but operational data which can be affected by ransomware.
Multi-Factor-Authentication is old news, right?
You would think so. Qi has been banging this drum since 2020 but there are STILL businesses who ignore the basics regarding their Cyber Health. This video will remind you of the basics, accepted today as the minimum requirement for baseline security.
Is Multi-Factor Authentication sufficient in 2026?
In short – NO! Set up Conditional Access Policies to protect against Microsoft 365 token theft
Call Qi Ltd for more information or read on.
There has been a significant and recent increase in incidents involving user accounts being compromised through MFA token theft, Qi and any Microsoft Business Partner worth their salt will strongly recommend that all organisations implement Conditional Access policies within Microsoft Office 365.
The current default security policies are no longer sufficient to protect against these increasingly sophisticated attacks.
When carefully planned and implemented following consultation, Conditional Access policies can significantly strengthen your organisation’s security posture while minimising the risk of inadvertently blocking legitimate access.
Please see this Microsoft article which provides more detail about MFA Token Theft
Please contact your infrastructure & security support partner or Qi’s Support Team as soon as possible, to arrange a Teams meeting to discuss the most suitable options for your organisation. This consultation meeting is free of charge and is offered under the terms of QiCover.
The move to Cloud services in the UK, multiple and two factor authentications.
Cloud adoption in the UK (in one form or another) is now reported to be at over 88%.
Dynamics 365 Business Central is considered to be a logical operational solutions upgrade for Sage 50 Accounts and Sage 50 Manufacturing users. If you use Sage 50 Manufacturing, you cannot host your Sage accounts using the Sage secure hosting solution.
Dynamics 365 Business Central SaaS uses the Azure Active Directory and will protect your users from 99.9% of cybersecurity attacks. The Azure Active Directory deploys multiple factor authentication.
Qi will migrate all your Sage 50 data to Dynamics 365 Business Central
Thought For the Day
Your digital security is extremely important and at a bigger risk than you may wish to accept. Two-factor authentication makes it harder for cybercriminals to breach your privacy. Setting up Conditional Access policies, makes it harder still. Work with a Microsoft 365 business partner you trust to get the right policies in place for you effectively first time around.