GSX Blog

Preventing “Rogue” attacks with Office 365 Security Auditing

Posted by Jean-Francois Piot on Thu, Feb 23, 2017

When an unauthorized person hacks into a system by attempting several password combinations until one works, it’s called a brute force attack. These attacks threaten the security of an organization’s highly sensitive data, and require the careful attention of IT administrators to prevent from happening.

Take Star Wars ‘Rogue One’ for example. Let’s pretend in an alternate storyline, that the Death Star was stolen by the Rebellion, making the Emperor very unhappy. The Death Star is expensive, after all -- so how could this have happened? Well, the Empire just moved from SharePoint on-premise to SharePoint online, and the plans of the Death Star were stored in a specific SharePoint site with restricted access. Only certain users were granted permission. The Rebellion decided to try brute force, entering email accounts and passwords until they successfully gained access. Once they gained access, they were easily able to download the file and put it into a droid.

So, how could this have been prevented? The Empire should have deployed the GSX 365 Security Audit, which would have let them know about abnormal activity on their network. GSX would have notified the Empire as soon as an account was hacked and where it was accessed from. With this knowledge, the Empire could have sent in the Stormtroopers to fix the situation. Furthermore, the Empire’s IT administrator would be able to cut off SharePoint access to prevent further attacks, and the Death Star would be operational again.

As you can see, a brute force attack can send the galaxy into chaos. Don’t let your Office 365 environment be the subject of a preventable attack. Start using the GSX 365 Security Audit to keep your own Death Star protected, and keep brute force attacks “far, far away.”


Tags: office 365 audit, office 365 security, office 365 auditing, SysAdmin Top Issues, star wars