6 min read
Simplifying the Transition: A User-Friendly Approach to Office 365 Tenant to Tenant Migration
In the fast-paced landscape of today's workplaces, organizations often face the challenge of migrating their Office 365...
By Andrew Wisdom on February 13, 2023
In the last few years, Microsoft's integration of applications has gone from a luxury for cutting-edge companies, to a necessity for organizations across the world. As usage increases, more apps are being created. A total of 25 applications and 17 administration panels have been introduced, with more expected in the next few years.
With the recent increase of usage and apps, IT teams are experiencing difficulty keeping up with the services required to manage O365. The components that organizations are struggling with are security, maintenance, and user optimization. The following paragraphs will cover why handling these 3 areas will give your company an advantage.
Microsoft CoreView is an analytics tool used to break down the security posture and inactivity of network licensing using M365. Last year, Microsoft conducted a study researching over 1.6 million users across different industries. The breakdown of industries studied was 30% users from private sector, 28% from state and local government, 27% from education and 15% from healthcare.
The average company had 40,000 seats and ranged from organizations employing 1,000 to 400,000 users. The study spanned across the globe, from the United States, to Canada, Europe and Australia. While the study was international, more than 60% of the users were stationed in America.
Security Governance is a term used by Gartner, which means the ability to mitigate risks, address threats and ensure security in the future. Out of all who received a health check, 90% of networks were struggling in four key areas: Password Policies, Multifactor Authentication, Email Security, and Failed Logins.
These areas are not new topics in IT; however, companies are still not able to lock down their security. This is because IT companies were overworked and unaware of these issues.
These areas of security fly under the radar because they are small and there is no immediate consequence for neglecting them. Weak passwords, setting expiration dates, and Multi-Factor Authentication don’t get recognized amidst a tall workload. As a result, security concerns accrue slowly over time, until a disaster hits. Below are some of the more revealing findings.
Microsoft recommends a total of 4 admins per company. In the study however, each organization carried an average of 12 administrators. Those with more admins experienced malware issues and had 10 times the number of infected emails. Counterintuitively, the more admins a company had, the greater chance there was to infiltrate its network.
When employees have strong passwords, a company has a strong security foundation. Weak passwords and those with no expiration date pose a vulnerability to the entire organization. During the health check study, surprising evidence revealed that organizations are neglecting password security.
The following results show where that neglect can be fixed:
Weak password requirements are one of the reasons hackers are finding entry into large organizations’ networks.
Multi-Factor Authentication (MFA) is one of the most proven solutions for ensuring security. In recent years, MFA has been so effective that NIST, the government’s security guideline system, recommends implementing MFA.
Protecting a network with MFA is crucial, especially for administrators, because they have access to more data. Despite this responsibility, 29% of admins in the study had MFA disabled.
In the health check, email security issues were scanned for malware, accounts with over 5 mailboxes, and auto forwarding (translating to data leakage). The findings indicated the following:
A frequent form of breach in today’s age is sought through password attempts.
Many networks within this study were tested by some form of hacking, and the most common form of breach was hot spot login attempts. In the span of a week, over 140,000 failed logins occurred. The attempts that came from fraud were 14x more frequent than the amount from user failed passwords.
Surprisingly, the top 5% of companies have more than a million failed attempts each week. This barrage of attempts from hackers makes having strong passwords with expiration dates essential to your security posture.
The license optimization part of CoreView identifies how many active compared to inactive users exist in a network. Often, a company will be paying for more licenses than they need. In addition, they will assign licenses to employees that rarely use Microsoft applications. These unused licenses add to a budget that could be saved with proper supervision.
After a thorough assessment, an accurate plan for saving money and efficiency can be created. Getting the exact number of licensing can be difficult because, in large companies especially, there are users coming in and out of employment. Other factors that lead to inefficient licensing are Microsoft price changes, free trial licenses, and upgrading or downgrading a Microsoft package.
The study shows that the average number of licenses purchased by companies was 60,000. Out of this total, there were 19,000 inactive and unassigned users, totaling 32% of licenses being wasted.
Not only are these unused licenses wasteful, but they also signal future security risk. Former employees are able to log back into old accounts and hack into their company’s data if timely checkups are not accounted for.
An interesting part of the study shows that many users had access to applications which they rarely use.
Organizations with unused applications are overpaying for Microsoft services. A monitoring strategy like CoreView helps identify inactivity, allowing a clear plan for optimizing your budget and M365 plan.
From the data presented, it's easy to see that management of Microsoft 365 is an issue for most companies around the United States and worldwide. CoreView provides the tools necessary to see where your network is lacking, overextending its usage, and spending more money than necessary. After understanding the policies and licensing of your network, you will be able to create an efficient, cost-effective plan for implementing Microsoft 365.
Although the Microsoft 365 suite has become a staple in office productivity, Datalink Networks has seen that IT departments often lack the resources or time to periodically audit their Microsoft Tenant. By requesting a Microsoft 365 Health Check, your organization will receive a report detailing the amount of unused, unassigned, and underutilized licenses in your tenant; along with recommendations on how to improve security settings and lower overall licensing costs.
Sep 19, 2023by Amanda Rindt
In the fast-paced landscape of today's workplaces, organizations often face the challenge of migrating their Office 365...
Sep 6, 2023by Don Wisdom
Bentonville, Arkansas — Nestled in the heart of Northwest Arkansas, Bentonville is a city with a rapidly growing...
Sep 6, 2023by Don Wisdom
Charlotte, North Carolina — Situated as a crown jewel in the banking sector, Charlotte stands tall with a robust...
Contact Datalink Networks