Fortune Cookies Don’t Lie: Office 365 Cloud Security Is in Your Future

 The meal is finished, so your waiter brings the check and a handful of fortune cookies. One by one, you and your friends go around the table reading them.

“‘You cannot stop the waves, but you can learn to surf.’ Well, that’s profound.”

“‘The love of your life will appear in front of you unexpectedly.’ Huh. I never could have guessed that.”

“‘A great pleasure in life is doing what others say you can’t do.’ Who wrote these things? Captain Obvious?”

Then it’s your turn.

“‘You will move to the cloud and have to deal with Office 365 security.’ Nailed that one.”

 

Security on premises and in the cloud

I doubt that anybody has ever written a fortune cookie like that, but they may as well. Moving to the cloud is inevitable, and if you run Microsoft infrastructure, you’re headed for Office 365, along with Exchange Online, Azure Active Directory, and OneDrive for Business. That means you’ll find yourself in the hybrid world of on-premises and cloud computing, and have to deal with security on both fronts. You’ll reduce the time and cost of administration, but will your environment be more secure?

Office 365 takes many of your routine security needs – pruning users, managing group membership, setting up security policies, providing access to network resources – and moves them to the cloud, but it doesn’t necessarily make them easier for you. And if you take your eye off your on-premises security needs, you’ll find that you’ve gained time and saved money by going to the cloud, but at the cost of greater overall risk.

You’re not alone in this, by the way. Among the 1,900 cybersecurity professionals surveyed for the 2017 Spotlight Report: Cloud Security by Information Security Community on LinkedIn in partnership with Crowd Research Partners, the ability to see into cloud infrastructure ranked as the biggest cloud security headache.

When they open their fortune cookie, they see the same thing you see: “You will move to the cloud and have to deal with Office 365 security.”

 

Enterprise Reporter for Office 365: Security and compliance reporting in a hybrid environment

As I mentioned in my previous post, IT administrators want to do their work, not write reports about it. If you spend all your time keeping the network running securely, you don’t have enough bandwidth to continually take its temperature and run reports on it. And, in a hybrid environment where you have one eye on Office 365 and Azure Active Directory in the cloud, and the other on your on-premises Active Directory and infrastructure, you’ll have even less bandwidth for running reports.

But when the auditors come knocking or you need to demonstrate compliance, you’ll have to get those reports from somewhere.

We’ve released Enterprise Reporter for Office 365 to give you full insight into the configuration of Azure Active Directory, Exchange Online and OneDrive for Business. Enterprise Reporter continually maintains hundreds of reports that give you, your compliance officer and your auditors a view into Office 365 security. In a hybrid environment, that would normally mean running separate scripts on both your on-premises and cloud assets, but Enterprise Reporter lets you generate results from both worlds that show up in one user interface.

 

Quick answers to tough questions

Take a couple of common queries about permissions, for example: “Who are my global administrators?” and “Who has access to financial folders stored in OneDrive?” Those are short questions, but you could spend a lot of time digging to arrive at the answers.

Enterprise Reporter can report on access and configuration information across on-premises environments running Active Directory, Exchange, SQL Server and Windows Server. It can also report on Office 365 services such as Azure AD users, groups, roles and applications; shared files and folders across OneDrive for Business; and Exchange Online mailboxes and public folders.

Even mid-sized organizations (~5,000 employees) have a hard time getting a good view of their licensing, how they have allocated or could allocate different license plans across different role types and users, and whether they have enabled certain services within those license plans as shown in the screenshot:

Enterprise Reporter for Office 365 also summarizes your decisions about Office 365 reporting and licensing with data on your tenants, subscriptions, license allocation and service plans. 

 

Take Enterprise Reporter for Office 365 for a test drive

Forewarned is forearmed. The sooner you see how much insight into security and compliance Enterprise Reporter gives you – both on premises and in the cloud – the sooner you can troubleshoot problems and answer the auditors’ questions.  And with migrations to Office 365 on the rise, my next post will explain you can use Enterprise Reporter for both pre-migration and post-migration to ensure a smooth move between platforms.

Have a look at our product demo video called What’s New with Enterprise Reporter, or go ahead and download Enterprise Reporter for Office 365 for a 30-day trial. And don’t be surprised if your next fortune cookie reads “Your colleagues value your wisdom and insight.”

Obvious, right?

Want to secure the rest of your hybrid Microsoft environment by extending your visibility across your on-premises environment with Enterprise Reporter Suite?

Start Your 30-day Trial

About the Author
Austin Collins
Product Marketing Manager that supports Quest's Microsoft Platform Management solutions.   Within Microsoft Platform Management we focus on Migrations and consolidations for Active Directory, Exchange...