{"id":36555,"date":"2020-08-11T17:43:48","date_gmt":"2020-08-11T17:43:48","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=91687"},"modified":"2020-08-11T17:43:48","modified_gmt":"2020-08-11T17:43:48","slug":"microsoft-office-365-do-you-have-a-false-sense-of-cloud-security","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/","title":{"rendered":"Microsoft Office 365\u2014Do you have a false sense of cloud security?"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2020\/08\/SEC20_Security_016-BANNER.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>Through difficult times,&nbsp;some adversaries will find&nbsp;opportunities and COVID-19 has proven&nbsp;to be a ripe opportunity for them to target&nbsp;a&nbsp;new, expanding,&nbsp;remote workforce. While these threats morph and&nbsp;evolve,&nbsp;Microsoft\u2019s Detection and Response Team (DART)&nbsp;finds&nbsp;ways to&nbsp;endure and help organizations become more resilient<\/p>\n<p>Cloud\u202fenvironments are\u202fcontinuously being put to the test during this challenging period.\u202fDART has seen various security configurations\u202fin our customers\u2019 cloud tenants.\u202fThe one\u202fcommonality:\u202f administrators flip the switch on a few security tasks without genuinely understanding the process and procedures needed to ensure everything works as designed and consequently create gaps in defenses and opportunities for attackers to circumvent security controls.\u202fWhen it comes to defense-in-depth, these controls must work in concert with one another.<\/p>\n<h2>Three measures you should&nbsp;employ&nbsp;to improve the security of&nbsp;your&nbsp;cloud environment<\/h2>\n<p>This post&nbsp;describes&nbsp;three\u202fsecurity measures\u202fyou should&nbsp;employ&nbsp;for your Azure AD\/Office 365 environment&nbsp;when first\u202fsetting up\u202fa new&nbsp;tenant,&nbsp;or\u202fwhen\u202ftightening&nbsp;the reins&nbsp;on&nbsp;a well-established tenant.<\/p>\n<ol>\n<li>Create an emergency Global Administration account.<\/li>\n<li>Enable Multi-factor Authentication (MFA).<\/li>\n<li>Block legacy authentication.<\/li>\n<\/ol>\n<h2>1. Create an emergency Global Administrator account<\/h2>\n<p>An emergency Global Administrator account, also known as\u202fa&nbsp;\u201cBreak Glass Account\u201d, is&nbsp;critical to the overall security posture of your tenant, and it prevents you from being accidentally locked out of your Azure Active Directory (Azure AD). Think about the consequences of your&nbsp;administrators&nbsp;getting&nbsp;locked out; you cannot sign in, activate users, assign licenses,&nbsp;or&nbsp;validate the actions happening in your tenant. Emergency access accounts are highly privileged and not assigned to specific users.&nbsp;These accounts must be excluded from your current security controls,&nbsp;and&nbsp;must have compensatory controls. These controls might include the following:<\/p>\n<ul>\n<li>Only&nbsp;allowing&nbsp;the&nbsp;\u201cBreak Glass Account\u201d&nbsp;to log in from a particular IP address range.<\/li>\n<li>Implementing&nbsp;detection&nbsp;controls like enhanced alerting and\/or monitoring the use of&nbsp;these&nbsp;accounts.<\/li>\n<\/ul>\n<p>Use of emergency access accounts should be limited to true emergencies, when standard administrative accounts cannot be used.\u202fFor detailed information, please see \u202f<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/users-groups-roles\/directory-emergency-access.\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/users-groups-roles\/directory-emergency-access.<\/a><\/p>\n<h2>2. Enable Multi-Factor Authentication (MFA)<\/h2>\n<p>Enabling MFA seems straightforward, right?\u202fSadly, even today,\u202fit isn\u2019t.\u202fYou\u202fallow\u202fthe Conditional Access Policy for the enablement of MFA, but\u202ffor the sake of convenience,&nbsp;&nbsp;permit exclusions to these\u202fpolicies, such as not\u202fenabling MFA for the Global Administrators or any of the other O365 workload (Exchange, SharePoint,\u202fOneDrive) Administrators and continue to enable Basic\/Legacy Authentication. As a result, you now host an ineffective policy that puts your organization at tremendous risk. For detailed information, please see \u202f<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/tutorial-enable-azure-mfa.\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/tutorial-enable-azure-mfa.<\/a><\/p>\n<p><strong>Real-World\u202fScenario\u2014<\/strong>A large company enabled MFA for all global administrators. Unbeknownst to the rest of the team, a user modified the\u202fpolicy\u202fto exclude a\u202fglobal administrator account.\u202fThis user\u2019s act\u202fput the company\u202fat\u202fconsiderable risk; the account was eventually compromised using a trivial Password Spray attack. It is bad enough when a standard user with no elevated privileges is compromised\u2014 Global Administrator accounts have access to all of Azure AD and Office 365, so when this account was affected, the organization\u2019s entire tenant was compromised.\u202fMonitoring and alerting for the implementation of persistence mechanisms, such as the creation of a new mailbox forwarding rule, would have also triggered a security alert and a full incident response investigation of the modified tenant. This incident also could have been easily avoided by merely monitoring and alerting for the creation of Global Administrator accounts and any changes to these accounts.\u202fThe threat actor has leveraged all these techniques to essentially gain and maintain access to the organization\u2019s tenant to achieve their mission objective for data exposure and exfiltration.<\/p>\n<h2>3. Block Legacy Authentication<\/h2>\n<p>Legacy\u202fauthentication\u202frefers to protocols that use basic\u202fauthentication, such as Exchange Web Services (EWS), POP, SMTP, IMAP, and MAPI. These protocols cannot enforce any type of second-factor\u202fauthentication (e.g., MFA), which makes them\u202fa\u202fpopular entry point for bad actors. As such, for MFA to be useful, you also need to block legacy authentication.<\/p>\n<p>There are still risks once you\u2019ve disabled legacy authentication and enabled MFA. From an operational standpoint, understanding the implications of disabling legacy authentication is critical.\u202fYou could disrupt essential workflows and disrupt access to applications not written to support modern authentication (including dated Outlook clients).<\/p>\n<p>So, what can you do?\u202fIdentify which&nbsp;users and applications are currently using legacy authentication in your tenant via Azure AD Sign-in logs.\u202fConfigure exclusions for applications&nbsp;that cannot\u202fbe modified\u202fto support modern authentication. Also,\u202fensure you&nbsp;configure&nbsp;the&nbsp;policies granularly&nbsp;for more robust security configurations,&nbsp;such&nbsp;as&nbsp;only allowing&nbsp;specific users&nbsp;and&nbsp;a particular IP range&nbsp;to use legacy authentication. This way,&nbsp;you can&nbsp;make access to legacy authentication more stringent where you&nbsp;must&nbsp;use&nbsp;it, and you can&nbsp;block legacy authentication&nbsp;in other scenarios.&nbsp;Configure your conditional access policy\u202fto be\u202fin\u202fa\u202freport-only mode to ensure you understand what will happen when you flip on the policy.&nbsp;For more information, please see\u202f<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/block-legacy-authentication.\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/block-legacy-authentication.<\/a><\/p>\n<h2>Bricks laid, next: the mortar<\/h2>\n<p>There is a multitude of adversary tactics and techniques for the infiltration of a cloud environment. Based on DART\u2019s observations from the frontlines, implementing these three security controls will help ensure the front and back doors to your organization\u2019s cloud environment remain locked. DART recommends assessing these vulnerability points regularly so that when a real threat strikes, your defense-in-depth approach of technical controls, detection-in-depth, and monitoring and alerts will prepare your staff to jump into action quickly.<\/p>\n<p>In an upcoming blog post, we\u2019ll dive into what we like to call the \u201cEasy Button\u201d approach to security defaults. These pre-configured\u202fsecurity\u202fsettings help defend your organization against frequent identity-related attacks, such as password spray, replay, and phishing, and provide additional mortar towards the security foundation of your cloud environment.<\/p>\n<p>Want to learn more about DART (Detection and Response Team)? Read our past blog posts <a href=\"https:\/\/www.microsoft.com\/security\/blog\/microsoft-detection-and-response-team-dart-blog-series\/\" target=\"_blank\" rel=\"noopener noreferrer\">here.<\/a><\/p>\n<p>To learn more about Microsoft Security solutions visit our <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/solutions\" target=\"_blank\" rel=\"noopener noreferrer\">website.<\/a>&nbsp; Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<p> READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/08\/11\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security is not just flipping the switch of security features to &#8220;on&#8221; and think you are done. DART explores the concept of having a false sense of security when securing your cloud environments.<br \/>\nThe post Microsoft Office 365\u2014Do you have a false sense of cloud security? appeared first on Microsoft Security. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36556,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[1253,347,8337,6664,8264],"class_list":["post-36555","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cloud-computing","tag-cybersecurity","tag-detection-and-response-team-dart","tag-microsoft-authenticator","tag-microsoft-detection-and-response-team-dart"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Office 365\u2014Do you have a false sense of cloud security? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Office 365\u2014Do you have a false sense of cloud security? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-11T17:43:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft Office 365\u2014Do you have a false sense of cloud security?\",\"datePublished\":\"2020-08-11T17:43:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/\"},\"wordCount\":1127,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png\",\"keywords\":[\"cloud computing\",\"Cybersecurity\",\"Detection and Response Team (DART)\",\"Microsoft Authenticator\",\"Microsoft Detection and Response Team (DART)\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/\",\"name\":\"Microsoft Office 365\u2014Do you have a false sense of cloud security? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png\",\"datePublished\":\"2020-08-11T17:43:48+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"cloud computing\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/cloud-computing\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Microsoft Office 365\u2014Do you have a false sense of cloud security?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Office 365\u2014Do you have a false sense of cloud security? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Office 365\u2014Do you have a false sense of cloud security? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-08-11T17:43:48+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft Office 365\u2014Do you have a false sense of cloud security?","datePublished":"2020-08-11T17:43:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/"},"wordCount":1127,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png","keywords":["cloud computing","Cybersecurity","Detection and Response Team (DART)","Microsoft Authenticator","Microsoft Detection and Response Team (DART)"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/","name":"Microsoft Office 365\u2014Do you have a false sense of cloud security? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png","datePublished":"2020-08-11T17:43:48+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security.png","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-office-365-do-you-have-a-false-sense-of-cloud-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"cloud computing","item":"https:\/\/www.threatshub.org\/blog\/tag\/cloud-computing\/"},{"@type":"ListItem","position":3,"name":"Microsoft Office 365\u2014Do you have a false sense of cloud security?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36555"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36555\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36556"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}