With the sudden surge in demand for remote work capabilities, and lot of firms have found themselves under pressure to roll out solutions under shortened time frames, often without necessary best practice planning, execution, and testing. As a result, some systems may go into place that have inherent security flaws that could lead to dire consequences down the road.
With this in mind, The U.S. Computer Emergency Readiness Team (CISA/CERT) has issued an advisory bulletin detailing how I.T. and Network Administrators can address one such project: the implementation and r0llout of Microsoft’s Office 365 cloud-based productivity and collaboration suite.
The key points:
Additional details can be found within the full alert, along with links detailing some of the methodologies and best-practices to observe. The full text of the alert can be found here:
Alert (AA20-120A): Microsoft Office 365 Security Recommendations
Network administrators should note that CERT has a mailing list for alerts and advisories such as the above. You can subscribe to the list – which is low volume – via this link.