Microsoft Expands Token Protection

What do I need to know? In response to increasingly sophisticated attacks in which hackers bypass Microsoft 365 Multi-Factor Authentication (MFA) by stealing a session token from your device, Microsoft has released a security feature for Microsoft 365 customers who have Entra ID Premium. It binds session tokens to the machine on which they were established, so a stolen session token is useless and the attacker will be challenged for MFA.

This form of attack is increasingly common due to the ease of compromise (for example, a user is tricked into logging in to a false 365 landing page; we have actively seen breaches using this method, and Evilginx is an example of this), so we see this security improvement as a must for all businesses.

What do I need to do? If you are a Connect Systems 365 Security Management Service customer, nothing at all. The service will deploy the security enhancement to your Microsoft 365 tenant automatically.

If you do not subscribe to this service but are a support customer, we will still deploy the enhancement for you, as it mitigates a significant security risk. However, we will need to do this one customer tenant at a time, so a ticket will be raised and time will be billed to your support agreement.

Even if you are not a support customer, please don’t hesitate to get in touch and we can give you the information you need to make sure you’re protected.


What is the 365 Security Management Service? This is a Connect Systems service powered by multiple powerful tools, including our brand-new management tool from Inforcer. Using these services, we can create a security gold standard baseline for 365 deployments. This baseline is updated daily in response to new 365 security feature releases and changes to the various security frameworks (Cyber Essentials, CIS, ISO, NIST, HIPAA and NIS2).

The Center for Internet Security (CIS) is an independent security body that creates a benchmark of best practices to secure tenants against the most common real-world threats and data loss. This is the core framework that we follow and build upon to create our gold standard baseline.

With 365 Security Management, we can monitor all subscribed customers to see if they deviate from the security baseline, and we will also be alerted if there is a potential breach / compromise of your 365 platform.

If you have any questions or would like any further information on this, please reach out to your Connect Systems Account Manager or feel free to get in touch with us here.
