Keep this in mind as we start the 2022 Windows software patching year: Patching is not enough to keep Microsoft 365 protected. Before you purchase third-party tools that claim to protect you from all threats, or before you begin that zero-trust project, stop for a moment to evaluate whether you are doing all you can with what you have to protect Microsoft 365 users and data.
Protect against ransomware attacks
Operating system patching often isn’t enough to protect your firm from ransomware attacks. Even fully patched operating systems can be susceptible if attackers target users with phishing attacks. End user education can often be some of the best prevention if your technology protections fail to work or get bypassed by attackers.
Evaluate if your solutions include enough logging to determine if an attacker has been hiding in your network and how they gained access. Recent FireEye research shows the median dwell time for ransomware is 72.75 days. All other attacks have an average dwell time of 56 days. Ransomware attackers be in your network for a maximum of 547.49 days. I’ll bet that your logging doesn’t go back 547.49 days. I know mine doesn’t, but I can strive to log for 72.75 days. With that amount of logging it’s possible to go back into the archives to determine how the attackers gained access to your network.
Maximize the security tools in your Microsoft 365 license
Next, remind yourself that if you have Microsoft 365, you have the power to protect yourself with many of the tools included in the subscription suite. Ruairidh Campbell’s blog showcased scenarios where you can use Microsoft 365 to protect information. While the best solution would be to purchase a Microsoft E5 license for all Microsoft 365 users, it’s hard to justify an E5 license for everyone. You can blend licenses based on your needs. I often assign a 365 license of higher security resources to those users in my office who either perform riskier duties or who are more targeted by attackers.