We have made it our business to provide answers that can help your business protect the bottom line. This usually involves providing guidance on commercial litigation, regulatory defense, and employment law. Today we will focus on an issue that many businesses are confronting in 2018: how to protect vital information in the dawn of the cloud-computing era.
What is the cloud?
According to recode, "the cloud refers to software and services that run on the Internet, instead of locally on your computer." The advantage of the cloud is the ability to access information from the cloud rather than depending on a traditional hard drive, providing flexibility for how and when to access email, software, and other web-based services.
The primary downside of the cloud is that there is always the risk of your important information falling into the wrong hands. This is a threat facing many businesses as they update their Microsoft Office software to Office 365, a cloud-based solution.
Whether you are serving in an executive capacity, working in the IT department, or simply rely on Office to do your job, you are likely to face the issue of Office 365 phishing in the near future if you haven't already.
What is phishing?
The U.S. Securities and Exchange Commission describes "phishing" as the use of fraudulent emails and copy-cat websites to trick you into revealing valuable personal information - such as account numbers for banking, securities, mortgage, or credit accounts, your social security number, employee ID number, or login IDs and passwords.
What is being done?
According to TechCrunch, Microsoft is providing a number of new security tools for its business users, hoping to combat the threat of phishing. One such tool is a service that only allows users to access certain online services if their device is given a clean bill of health. This could prevent malware attacks that allow hackers to gain access to company networks.
Make "think before you click" the rule at your organization
Microsoft and others will always be seeking out new ways to protect users from phishing and other attacks, but their algorithms cannot head off every threat. It is ultimately up to you and your colleagues to prevent most phishing attacks from succeeding.
Any organization is only as secure as its weakest link. In most cases, that weak link is an employee who unknowingly falls victim to a phishing attack by opening an email made to look like an official internal communication. This can be prevented by making sure that everyone at your company knows what to look for and what to do when they recognize a phishing scheme.