Viewing posts about cyber security...

#FAQFriday: Enable Multifactor Authentication in 9 Easy Steps

How to setup Multifactor Authentication for Office 365 Global Administrators

MFA – Multifactor Authentication is a hot topic these days with Office 365 and Microsoft Secure Score.

Frequently, we see the recommendation to enable MFA for all Global Administrations at the top of recent Office 365 Secure Score reports, with values up to 50 points.

MFA helps to keep accounts more secure by requiring an additional level of authentication, making sure that the account that is logged in is:

  1. An actual person, and not a robot, script, or malicious code; and
  2. The same person must respond via an automated call, text, email, or apply authentication via smartcard, biometric device or code.

How do I enable MFA for Office 365 Global Admins?


To enable MFA for a Global Admin or group of Global Admins, in the Admin console, click on Users | Active Users | More (top menu) | Multifactor Authentication Setup | (wait for the MFA window to pop-up), Click to Enable the user(s) | Click Enable Multi-Factor Authentication.

Visual Aid:

  1. Log into Office 365 as a Global Admin                                                                                                                       
  2. In the Admin Console, click on Users | Active Users.                                                                                                                                                               
  3. Click on the More tab. Then click Multifactor Authentication setup.                                                                                                                                                                                                                                      
  4. The Multi-Factor Authentication window will appear.                                                                                                                       
  5. In the VIEW pull-down, choose Global Administrators.                                                                                                                                                          
  6. Highlight the accounts that you’d like to add Multifactor Authentication to (notice on the right column is the MFA Status). Option: You can also click the checkmark on the top left to choose all the   Global Admins for MFA enablement.                                                                                                                                                                                       
  7. Once highlighted, click on Enable. The About enabling Multi-Factor Auth box will pop-up.                                                                                                                                                       
  8. Click the Enable Multi-factor Auth option.                                                                                                                                                                                                                                                                                              
  9. Then, if successful, you will see the Updates Successful window. Click on CLOSE and test with the desired account.                                                                                                                                                                              ]

Note: This can be activated for any users, not only Global Administrators. To do so, repeat steps 1 through 4 and select any of the other options under View. Then select the user(s) for MFA enabling.                                                                                                                                                                    Then view the accounts in the MFA window, and it should show the newly MFA-enabled accounts as Enabled.

Cloud Advantage Offers Office 365 Admin Security Training

Imagine this. There are thousands of documents living peacefully in a special series of folders on OneDrive. They reside inside the “system” of a popular medical practice on Walnut Street in New Canaan, CT. The folder is virtual baby-brown. The documents are PDFs and spreadsheets with hundreds of the numbered rows filled in. Boring by most standards, but these documents would cause earthquakes if anyone “unauthorized” accessed them.

Why? Because these documents are medical records. They belong to the talented Dr. David Hammerhead, a gastrointestinal physician with a huge practice, and many ulcerous and sue-happy patients from the past 23 years. The docs, as we in the trade call them, contain information so private that subpoenas would be impossible to get from any court in the land. That’s because of HIPPA.

HIPPA is a law passed by Congress several years ago that forces us, mere medical patients, to fill out paperwork each and every time we visit a doctor. We have to sign those papers in front of a gum-chewing, front-desk employee in order to assure us that our information won’t be shared. No way, no how. Personally, I could never figure out why I had to sign those papers. I think the front-desk people should sign the paper in front of me so that I will be assured that they will not intentionally send my medical information to 14.8 million people across cyberspace.

Employees and Cyber Security

But I digress. This story is about gum-chewer #3, third from the right behind the sliding glass window, who just hit the wrong key on her keyboard (on purpose) because she heard there’s a pink slip with her name on it arriving at the end of the day. She heard this from gum-chewer #2, who is apparently not getting a pink slip.

Woooooosh! Out go the medical records along with social security numbers and, oh yes, settlement amounts from past medical malpractice lawsuits against Dr. David Hammerhead.

So, the question is why does gum-chewer #3 have access to all these docs? That’s an easy one. She has access because someone thought she was trustworthy after a 20-minute background check on Facebook– deemed trustworthy to check-in patients and confirm their date of birth and billing address at least 5 times.

But the point of this blog is not to badmouth gum-chewer #3. The point is that we, the geniuses at CloudAdv, can help you prevent this nightmare from happening to your business. We can help you protect your company’s secrets from people inside and outside your walls.

Here’s how we can help… security training.

We provide in-depth training to your IT staff so they know how to preempt any potential threats from the gum-chewers at your company.

Here’s a few reasons to sign up:

Your company has to obey strict compliance regulations and laws.

Companies that handle personal information, such as medical records, social security numbers, and financial records, have a strict obligation to make sure that none of this information is mishandled. Doing so can lead to hefty fines and penalties, and can be the end of your company as you know it.

You’re tired of spam and phishing scams.

Don’t want your employees to end up like gum-chewer #3? The best way to avoid that from happening is to make sure they never get the chance to fall into the traps to begin with! Thanks to Microsoft Office 365’s comprehensive and highly-customizable hygiene and spam filter settings, you’re given the tools you need to make sure that your users aren’t given any forks in the road. While they may be hard to comprehend and configure, our team can help you to understand how to make the most of this awesome and highly-effective native feature.

Your company has data privacy concerns.

Remember gum-chewer #3? Remember how she shared thousands of files that she shouldn’t have? Well, it all could have been avoided if her company’s IT staff prepared ahead of time! While it may sometimes seem unavoidable that things are shared with the wrong people, it’s not. The geeks at Cloud Adv can train your personnel (and/or provide engineering) to implement and manage security policies, retention holds, legal holds, and eDiscovery to protect PII and intellectual property from unauthorized sharing of the data.

You want to avoid litigation.

We’ll show you all about how legal and litigation holds work, so in the terrible event that you end up in a courtroom, you won’t show up empty-handed.

Why Cloud Advantage?

We provide our classroom training remotely, and we customize each small classroom experience to best fit the audience. Your IT staff will work on their own familiar workstations and servers, and learn hands-on via screen share… no wasted time setting up.

We will show your IT staff a variety of options to prevent phishing, malware, viruses, and spam from tempting your staff to send your patient’s emails to Neverland.

We will show your IT staff all the ways they can prevent employees from snuffing out your business with a simple keystroke.

We know all the advanced and hidden settings for admin security, hygiene, compliance, and eDiscovery… and tools that will help you sleep more easily at night.

Our Office 365 Admin Security Training will help you show regulators that you are serious about security, and making strides in the cyber-security arena of your firm. This prevents hefty fines if you do get hacked.

We are also the industry experts on Microsoft Office 365, and will securely migrate your emails and data with ease.

Our value proposition

Our classes will be the most valuable 2-3 hours you will ever purchase from consultants, and we don’t chew gum. Enough said.

Learn more about Office 365 Admin Security Training and register for our classes

Want to know more or sign up for CloudAdv’s Office 365 Security Engineering?

Further reading: GSA Rules and Policies of Protecting PII

7 Tips to Avoid a Ransomware Hack: A Tale of Mayhem

ransomware hack

Tale of a Ransomware Hack

Imagine for a few moments that you are the CTO of IT at Mega Big Corporation.

Your team’s job is to make sure everyone’s desktop computers hum seamlessly along the ol’ digital conga line. You keep their desktop applications, hardware, and email working, and make sure the users don’t kill the network or disrupt the internet connectivity’s strong, firm handshake. Read more…

Website Design by Chroma Sites