Microsoft Health Check - CoreView Management Platform

In the last few years, Microsoft's integration of applications has gone from a luxury for cutting-edge companies, to a necessity for organizations across the world. As usage increases, more apps are being created. A total of 25 applications and 17 administration panels have been introduced, with more expected in the next few years.

With the recent increase of usage and apps, IT teams are experiencing difficulty keeping up with the services required to manage O365. The components that organizations are struggling with are security, maintenance, and user optimization. The following paragraphs will cover why handling these 3 areas will give your company an advantage.

CoreView Health Check Study

Microsoft CoreView is an analytics tool used to break down the security posture and inactivity of network licensing using M365. Last year, Microsoft conducted a study researching over 1.6 million users across different industries. The breakdown of industries studied was 30% users from private sector, 28% from state and local government, 27% from education and 15% from healthcare.

The average company had 40,000 seats and ranged from organizations employing 1,000 to 400,000 users. The study spanned across the globe, from the United States, to Canada, Europe and Australia. While the study was international, more than 60% of the users were stationed in America.

Security Governance

Security Governance is a term used by Gartner, which means the ability to mitigate risks, address threats and ensure security in the future. Out of all who received a health check, 90% of networks were struggling in four key areas: Password Policies, Multifactor Authentication, Email Security, and Failed Logins.

These areas are not new topics in IT; however, companies are still not able to lock down their security. This is because IT companies were overworked and unaware of these issues.

These areas of security fly under the radar because they are small and there is no immediate consequence for neglecting them. Weak passwords, setting expiration dates, and Multi-Factor Authentication don’t get recognized amidst a tall workload. As a result, security concerns accrue slowly over time, until a disaster hits. Below are some of the more revealing findings. 

The Challenge of Microsoft 365 Administration

Microsoft recommends a total of 4 admins per company. In the study however, each organization carried an average of 12 administrators. Those with more admins experienced malware issues and had 10 times the number of infected emails. Counterintuitively, the more admins a company had, the greater chance there was to infiltrate its network.

Password Policies

When employees have strong passwords, a company has a strong security foundation. Weak passwords and those with no expiration date pose a vulnerability to the entire organization. During the health check study, surprising evidence revealed that organizations are neglecting password security.

The following results show where that neglect can be fixed:

• 95% of companies have security issues in both areas of weak passwords and expiration dates
• 10% did not address any issues regarding expiration weaknesses
• Only 17 % of companies had established strong password requirements
• 10% of companies have thousands of users without strong passwords

Weak password requirements are one of the reasons hackers are finding entry into large organizations’ networks.

MFA

Multi-Factor Authentication (MFA) is one of the most proven solutions for ensuring security. In recent years, MFA has been so effective that NIST, the government’s security guideline system, recommends implementing MFA.

• 22% of companies have MFA disabled for 1/3 of their users
• 87% of companies have MFA disabled for some or all admins
• 42% of companies have MFA disabled for 1/3 of their administrators

Protecting a network with MFA is crucial, especially for administrators, because they have access to more data. Despite this responsibility, 29% of admins in the study had MFA disabled.

Email Security

In the health check, email security issues were scanned for malware, accounts with over 5 mailboxes, and auto forwarding (translating to data leakage). The findings indicated the following:

• 25% of companies had at least one malware email detected within a week
• 10% of companies had 25 detectable malware events
• 87% of companies had email accounts auto forwarding externally
  
  

Failed Logins

A frequent form of breach in today’s age is sought through password attempts.

Many networks within this study were tested by some form of hacking, and the most common form of breach was hot spot login attempts. In the span of a week, over 140,000 failed logins occurred. The attempts that came from fraud were 14x more frequent than the amount from user failed passwords.

Surprisingly, the top 5% of companies have more than a million failed attempts each week. This barrage of attempts from hackers makes having strong passwords with expiration dates essential to your security posture.

License Optimization

The license optimization part of CoreView identifies how many active compared to inactive users exist in a network. Often, a company will be paying for more licenses than they need. In addition, they will assign licenses to employees that rarely use Microsoft applications. These unused licenses add to a budget that could be saved with proper supervision.

After a thorough assessment, an accurate plan for saving money and efficiency can be created. Getting the exact number of licensing can be difficult because, in large companies especially, there are users coming in and out of employment. Other factors that lead to inefficient licensing are Microsoft price changes, free trial licenses, and upgrading or downgrading a Microsoft package.

License Opportunities

The study shows that the average number of licenses purchased by companies was 60,000. Out of this total, there were 19,000 inactive and unassigned users, totaling 32% of licenses being wasted.

Not only are these unused licenses wasteful, but they also signal future security risk. Former employees are able to log back into old accounts and hack into their company’s data if timely checkups are not accounted for.

License Usage

An interesting part of the study shows that many users had access to applications which they rarely use.

• 35% of users hadn’t accessed Teams in a week, 53% inactive users for One Drive, and 15% of Exchange users hadn’t logged on in over a week.

Organizations with unused applications are overpaying for Microsoft services. A monitoring strategy like CoreView helps identify inactivity, allowing a clear plan for optimizing your budget and M365 plan.

Summary

From the data presented, it's easy to see that management of Microsoft 365 is an issue for most companies around the United States and worldwide. CoreView provides the tools necessary to see where your network is lacking, overextending its usage, and spending more money than necessary. After understanding the policies and licensing of your network, you will be able to create an efficient, cost-effective plan for implementing Microsoft 365.

Although the Microsoft 365 suite has become a staple in office productivity, Datalink Networks has seen that IT departments often lack the resources or time to periodically audit their Microsoft Tenant. By requesting a Microsoft 365 Health Check, your organization will receive a report detailing the amount of unused, unassigned, and underutilized licenses in your tenant; along with recommendations on how to improve security settings and lower overall licensing costs.