Phishing Attacks & Compromised Email Accounts
In response to increased email phishing attacks and compromised email accounts, Advantage Industries recommends all businesses throughout Baltimore Maryland Area, Northern Virginia and Washington DC enable Two-Factor Authentication (2FA) for all Office 365 employee email accounts.
- What is Two-Factor Authentication (2FA)? 2FA adds a second tier of security to the login process when you access your Office 365 account. Your staff will be asked to enter their password and then a code from their mobile device or cellphone.
- Why is Advantage enabling this extra security step? It is currently the single best protection that we can offer to prevent an email account takeover. Even if a member of your staff inadvertently provides a hacker their Office 365 password, the account is still secure for signing in, as both a password and mobile device key are required. To date, Advantage has not had a single client Office 365 account compromised once we enabled the service for them. We have already internally enabled 2FA for the admin logins we use to manage your 365 partner accounts because, to us, your security is highly critical and a top priority.
- Does Microsoft charge to enable 2FA? There is no Microsoft license cost to enable 2FA on employee email accounts as it’s now an included service.
- How is it enforced? When an employee turns 2FA off, or a service fault on the Microsoft cloud server-side takes place, it becomes difficult to enforce. For those two reasons, Advantage utilizes Microsoft Azure AD Premium to monitor compliance and uptime of the 2FA 365 system for your organization. It will alert us to errors and users, not in compliance.
- Does 2FA protect all Office 365 services like SharePoint, Teams, and OneDrive? Yes, it does. Enabling 2FA helps to protect and secure any corporate documents you may store in 365 online services.
- What’s the end-user impact on my staff? You do NOT need to use the authenticator daily if you’re logging into a known, trusted device, and check the box during login to flag it as such. Office 365 will keep track of your work computer and your personal phone for 90 days, so you’ll only be prompted to use your 2FA that often. On public or shared computers that you do not mark as trusted, you will be prompted to use 2FA each time you log in. For most of your staff, there is no noticeable daily impact.
- Do I have options with how I use 2FA? Microsoft provides a variety of ways to handle 2FA in the most convenient way for your staff. Advantage engineers will work with your team to set things up in a way that’s best for them.
- Text message – recommended as it’s the easiest for most staff
- Voice phone call
- Microsoft 2FA Authenticator App
- How do I enroll my staff in Office 365 2FA? Contact us at firstname.lastname@example.org. Be advised a setup fee is involved as Advantage techs will work with each staff member to configure their computers, Office 365 applications, and mobile device settings for 2FA. That typically takes 15 minutes per person onsite and 30 minutes remote, depending on the number of devices they use to access Office 365 resources. Your client account manager will work with you to create a deployment plan that minimizes cost for setup as well as disruption to your staff.
What if I have more questions? Reach out to your client account manager directly or contact us. We will be happy to address any questions or concerns you have.