wonderfully unique software solutions

CoreView highlights enterprise vulnerabilities through M365 config

Nine of ten enterprises in a CoreView survey had misconfigured their Microsoft 365 (M365) security, according to the US-based vendor.

Shawn Lankton, chief executive of CoreView, said this reflected that IT professionals require automated compliance as well as delegated responsibilities to ensure security and efficiency across the business.

“The role of the IT professional is more important and complex than ever. They need to stay in perfect compliance 100% of the time, all while saving money and improving the end-user experience,” Lankton said.

Despite widespread use of layered protection including multi-factor authentication and strong passwords, IT teams still struggle to achieve full, continued compliance with security policies.

The CoreView study evaluated 1.6 million M365 users, based in workplaces in different countries.

But according to CoreView, managing M365 is complicated if organisations want to remain compliant and have full control of their M365 instances.

While most companies have strong documented security policies, CoreView found a lack of consistent implementation, which it said were largely due to difficulties in reporting as well as limited IT resources.

“Ninety percent of companies had gaps across all four key areas studied – MFA, email security, password policies, and failed logins,” the vendor said.

“Eighty-seven percent of companies (that we surveyed) have MFA disabled for some or all their admins, which are the most critical accounts to protect, due to their higher access levels.”

In CoreView’s sample pool, just 17% of companies had strong password requirements that were being consistently followed.

Additionally, the average company had 22% of their licenses unassigned, and another 10% of licenses inactive.

“In 17% of companies, the numbers were huge with over 10,000 licenses unassigned or inactive,” the vendor said — suggesting “opportunities to optimise license spend” for sales channels.

( Photo courtesy and copyright © Microsoft 2022-23 )

Recent Articles

CoreView expects further sales growth as Microsoft launches ‘disruptive’ tools

Microsoft 365 (M365) management software vendor CoreView is gearing up for greater demand, predicted to be fuelled further by AI adoption via...

Keeper Security expands global reach with new investments in zero-trust security

Keeper Security has opened an Asia-Pacific (APAC) headquarters in Japan, reflecting increased global interest and investment in unified, zero-trust enterprise passwords, secrets...

iSpring follows Salesforce integration with Albato no-code automation

Edtech software vendor iSpring Solutions has announced integration of the iSpring Learn learning management system (LMS) with no-code automation from Albato, expanding...

Cybersecurity alignment can help drive business success: Delinea

Business leaders often overlook the role of cybersecurity in business success, according to privileged access management (PAM) software provider Delinea.

Patch Tuesday targets zero-day vulnerabilities every month, warns Automox

Monthly 'Patch Tuesday' reports have recorded 11 months in a row of zero-day vulnerabilities, according to an update from patch management vendor...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox