More and more small and medium-sized businesses are making the switch from on-premises SharePoint systems to cloud-hosted Office 365. If you’re one of them, it’s vital to ensure that you put in place adequate protection to counter the security challenges that come with the migration. While many businesses contemplating switching find themselves concerned about the potential for undesirable elements to breach the cloud-based security of Office 365 itself, the robust safeguards Microsoft has in place mean localized issues are far more likely to prove to be your network’s weak point. These essential steps will help ensure your transition from SharePoint to Office 365 is a smooth and secure one.
Identify your company’s sensitive data…
It’s so easy to create sites within SharePoint that businesses often have far more than they realize, covering just about every aspect of their operations. And it’s natural, of course, for at least some of the files housed within those sites to contain sensitive commercial or personal data. The key is ensuring that sensitive information is adequately identified and protected. Do this by conducting a security audit before you undertake your migration.
Your audit should identify the types of data stored in the various parts of your SharePoint network, including which specific information needs extra safeguarding. Be sure to consider everything from trade secrets and contract details to the personal information of your clients.
…and then restrict access to it
Once you’ve worked out where your most precious data lies, you can check who currently has access to it and whether their access is appropriate. After all, it’s not necessary for everyone to be able to get at all the data your company owns; it’s far better to operate on a need-to-know basis, with a reasonable level of flexibility.
Ensure that each of your employees has access only to the data that’s necessary for them to perform their duties. When you make the switch to Office 365, you’ll find that it allows you to conveniently set these different levels of permissions, including for external partners with whom you collaborate.
Trust nobody and suspect everybody
We say that lightheartedly, of course – it would be counterproductive to become so security-paranoid as to suspect everyone is attempting foul play with your company’s data. Nonetheless, it’s wise to consider everyone in your organization when it comes to auditing data access permissions – and that includes system administrators who might be assumed to have master access to every element of your network infrastructure.
A rogue administrator is the stuff of nightmares, since their elevated position gives them much greater leeway to siphon off valuable data without being noticed – or even to allow others to conduct questionable business and bypass the usual built-in security precautions. Overcoming the danger of an all-too-powerful administrator admittedly becomes easier if you have more than one on staff, but even in smaller businesses you can mediate some of the risk by regularly checking on your administrator’s usage and ensuring that their top-level system permissions remain justifiable.
Use machine learning to foresee security breaches
Every action performed by your staff within Office 365 is automatically logged, and with relative ease you can pull reports that allow you to analyze these. But the sheer number of events taking place within Office 365 in the course of your business’s normal operations means that even attempting to identify questionable behavior will be akin to the proverbial needle and haystack. That’s not to say it’s unwise to be on the lookout for anomalies in normal usage – the export of unexplainably large volumes of data, for instance, could suggest that a member of your team is leaking intelligence to a competitor, or that they’re about to jump ship and take your trade secrets with them.
Thankfully, it’s possible to leverage the developing power of machine learning to identify potential breaches before they happen – without the need to wade through unmanageable swathes of perfectly normal data. Graph API is incorporated into Office 365, and allows for the integration of machine learning tools into your security environment to achieve just that. The same tools can also help you avoid being caught out by hackers, by identifying system login attempts from locations that are out of the ordinary; you should bolster this protection by religiously removing inactive accounts and those of departing employees.
By covering these essential security considerations when it comes to your migration, you’ll be one step closer to ensuring you strike the right balance between the powerful collaborative features of Office 365 and the robust safeguards your business’s integrity demands. To find out more about how we can help your Office 365 migration run smoothly, or what other business benefits you can derive from cloud-powered technologies, just give us a call.
Published with permission from TechAdvisory.org. Source.