Many companies aren’t making the most of Microsoft 365 or its security tools, finds survey


    Even if they’re paying for the goods, not all organizations are using them. In fact, a surprisingly large amount of organizations subscribed to Microsoft 365 services are neglecting some key features that could help with productivity and security.

    According to a new survey by Ensono, which gathered the responses of 251 UK IT decision-makers from a range of businesses, many organizations are missing out on data loss prevention (DLP), Conditional Access Controls (CAC), and multi-factor authentication (MFA). Respondents included IT decision-makers for firms with 10,000+ employees as well as small businesses with 1-10 employees (in addition to sizes between these extremes). While 83% of the surveyed population found Microsoft 365 invaluable, Ensono also reported that:

    • 38% are not using multi-factor authentication (MFA)
    • Only 43% have Conditional Access Controls in place (CAC)
    • 46% do not have data loss prevention (DLP) or data classification configured

    “Of those surveyed that reported a Microsoft 365-related breach, 42% were linked to files being shared with external parties and 37% were due to the impersonation of a compromised account,” the report reads, highlighting a few potential consequences of not using the built-in security offerings of MS365.

    Simon Ratcliffe, Principal Consultant at Ensono, noted that some firms are creating unnecessary expenditures for themselves by going with third-party solutions for functionalities already packaged with their Microsoft 365 subs.

    A takeaway of the survey is this: In a world filled with impersonators and threat actors, knowing what security you have at your disposal is paramount.





    Source link