GSX Blog

Office 365 Security Use Case: Brute Force Attacks & Data Leaks

Posted by Juliette Ollagnier on Thu, Jan 26, 2017

userleak.jpgA brute force attack is when an unauthorized person hacks into a system by attempting several password combinations until they’re able to gain access. For any company whose employees use passwords to access important documents, brute-force attacks are a threat to the security of your organization’s data.

Take, for example, a utility company that moves from SharePoint on-premise to SharePoint online. A brute-force attack happens on the utility company’s user accounts, and hackers are able to access critical files on SharePoint and share them externally. These critical files include information on a massive dam’s water pump that could result in serious real-life consequences if they end up in the wrong hands.

The cause of this hypothetical brute-force attack was that some users had passwords that were not strong enough. The passwords were easily discoverable by hackers. Unfortunately, the company had no way to recognize this and prevent a data leak, so critical files on SharePoint were accessed without the company’s knowledge.

The company could have prevented this attack with simple Office 365 auditing tool to proactively check for failed password attempts, unusual user locations, and irregular sign-in activity. GSX can be deployed to follow suspicious events, find out where they come from, and detect what’s going on in breached accounts to see what files are accessed. This gives organizations the power to take immediate action to restore security, like resetting accounts and passwords. With the GSX 365 Security Audit, companies can prevent brute-force attacks from resulting in data leaks, ensuring the security of their cloud environments.


Tags: Office 365, office 365 audit, office 365 security, office 365 auditing