In terms of cybersecurity, 2017 was a tough year for financial services firms. According to PWC, financial services firms on average experienced a 130% increase in fraud incidents overall, and failures to protect company and customer data led to legislative action in more than 40 states. Many financial services firms are working as fast as they can to close the gaps, but piecing together the right security solutions to protect everything from core infrastructure to tablets in bank branches can be a difficult task. Even best-of-breed approaches can still leave gaps, often because they may not work so well together with other in-house applications, or because they don’t enable security administrators to see everything that’s happening across the environment.
This is where the integrated platform known as Microsoft 365 can make a real difference because it enables organizations to track user activity throughout their cloud services and analyze audit logs to investigate or remediate possible breaches. Microsoft 365 captures user activities such as viewing, downloading, or sharing documents; changing document or account settings; and resetting passwords. These activities are logged across Exchange Online, SharePoint Online, OneDrive for Business, Yammer, Power BI, Azure Active Directory, and more. At the most basic level, audit logs help you view trends to spot ongoing issues and determine whether there is cause for concern. For example, you can see whether a user has multiple failed login attempts and from what devices, or whether a user has downloaded files containing sensitive company information. This information can determine whether the activity is suspicious or a result of user error (e.g., lost passwords, lack of training).
Microsoft 365 can help financial services institutions manage fraud and breach incidents by enabling you to:
- Track financial advisors on the road – where they are, what device(s) they’re using, and when they’ve logged into the system or attempted to access files on the corporate network from a remote location.
- Monitor access for private or sensitive financial documents. Access and sharing can be set at the group or user level, which can help prevent employees from having broader access to sensitive client or institutional information. You can also see when someone attempts to access documents without the appropriate permissions.
- Help ensure compliance. Share information with legal and compliance teams when employees attempt to delete corporate information that’s critical for regulatory or industry compliance.
To learn how audit logs are helping organizations detect, monitor, and remediate emergent threats like illicit consent grants, click here to read this official blog post from the Office 365 Security team on ‘Defending Against Illicit Consent Grants’.