28 August 2023

CatchBefore security guarding Microsoft 365 users against unseen invaders

| Dione David
Start the conversation
Young IT specialists work on computers in office

About one in every 10 employees will say “yes” to all applications. Photo: Envato/NomadSoul1.

In these days of heightened cyber security awareness, most people have some form of anti-virus software protecting their devices – yet by the end of today you may have escaped tens of thousands of failed cyber attacks and be none the wiser.

If one should slip through, it could be months, even years before you’re aware of the breach according to managing director of IT solutions provider Blue Packets, Andrew Donehue.

“When you’re browsing the internet, your anti-virus product is designed to help prevent you from downloading something nasty to your computer and losing control of it,” he says.

“But it can only reach as far as it can touch – i.e. your desktop environment. It won’t protect your system.”

In Andrew’s experience, users of cloud-powered platforms such as Microsoft 365 are often victims of misconceptions around their exposure.

“You’re going to the cloud, and when you input your email and files and so on there’s an assumption it’s secure because Microsoft is looking after it for you. But no,” he says.

“There’s a whole lot of security settings to consider and it’s not secure by default. The end user is still responsible for the configuration and for keeping an eye on it, which people rarely do.

“Unfortunately people tend to find out about a breach after their account is already compromised. Or sometimes, only when they’ve already paid a price.”

READ ALSO Report warns SMEs and start-up owners against a false sense of (cyber) security

Once in, hackers can capture the things you type in, then quietly get on with the business of stealing your personal information and hijacking your accounts.

An RSM report last year outlined the added risks to small and medium-sized enterprises (SMEs) who, aside from sometimes not having the resources for adequate coverage, sometimes took the view that their size made them slim pickings for hackers when in fact, they were “easy pickings”.

“The size of a business is not a layer of protection – any target is a good target for a hacker,” Andrew says.

“The impacts of a breach can be bad for any business, but when you’re talking about small businesses with slim margins, it can be devastating. Aside from the financial fallout, the reputational damage will far outlast the incident.

“These days cyber security should be up there with other business priorities, but the reality is a lot of SMEs won’t necessarily have someone dedicated to monitoring this.”

It’s why Blue Packets designed its Office 365 security and monitoring product CatchBefore for SMEs. Its smallest client has just two licences, and its largest has hundreds.

The solution taps into the 365 backend on your behalf and scours for weaknesses in your systems such as users who do not have multi-factor authentication set up and anything suspicious such as activity from overseas – a huge red flag.

“It could be happening while your computer is off, and it will go completely undetected by your anti-virus software,” Andrew says.

“We minimise the risk of that happening by configuration and do reactive monitoring to close the gap.”

Andrew Donehue

If you knew what Andrew Donehue knew about the ominous realities of cyber threats, you might view your anti-virus protection differently. Photo: Thomas Lucraft.

The system generates easy-to-digest reports and throws up alerts as needed.

For one user, CatchBefore picked up an email forward that had been in place for some time, sending copies of all correspondence to an unknown Gmail address.

Andrew says even if the information in your email has no intrinsic value, it poses many risks.

A “classic” example is when hackers send payroll an email from someone’s account requesting a change to bank details for their salary.

“In some examples, a few pay cycles will go through before the victim notices,” Andrew says.

“You’d be surprised how often it happens.”

READ ALSO Public servant payslips among documents vulnerable during Barracuda cyber security breach

Even for clients who have done everything right, from immaculate security configurations to strong passwords and multi-factor authentication, the biggest risk remains – the human factor.

“When people log in, they can authorise external companies to access their data, such as social media. A lot of the time, they have no idea what they’re agreeing to. We find one in 10 people will say ‘yes’ to every application,” Andrew says.

“Once authorised, applications can access email, files and information. Without the user being logged in, without their computer even being turned on, it could sit there for years in the background, undetected.

“Even those who do everything right can get complacent; that’s human nature. But software doesn’t get complacent.”

For more information visit CatchBefore.


Start the conversation

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.