Direct Inward Dialing: +1 408 916 9890
Hackers access endpoint devices looking to steal company-specific data, employees' personal data, or any other valuable information that might be of any use to them. To aid you in preventing such attacks, we've compiled a list of parameters that can help you identify unusual logs, which are often the first sign of an attack.
Unusual logon activity is one of the clearest indicators of a security breach, so it's important to audit user logons from both inside and outside your organization. With a tool that monitors the right parameters, most security threats can be identified before intruders gain access to your valuable data.
The following parameters can add contextual information to your logon auditing and help you differentiate between regular user logon activity and anomalous logons:
User logon auditing with the Office 365 admin center has the following limitations:
With O365 Manager Plus, on the other hand, you can overcome all the above limitations. In addition to providing everything the Office 365 admin center offers, O365 Manager Plus also offers many other features to help you secure your organization.
O365 Manager Plus provides information on all the parameters we just mentioned in an easy-to-understand report, meaning you don't have to rummage through audit logs in the Office 365 admin center. Also, O365 Manager Plus stores audit logs indefinitely, so you don't have to worry about that 90-day window in Office 365.
O365 Manager Plus offers the following audit reports on user logons:
These reports can be set for automatic generation and delivery to your inbox at regular intervals; you can choose between PDF, HTML, XLS, or CSV formats.
Multiple failed logon attempts for a single account in a short span of time is the telltale sign of a brute-force attack. With O365 Manager Plus' Recent Logon Failures report, keep track of any unusual amount of failed logon attempts. This report provides details about the user account being compromised, IP address of the machine being used to log on, date and time of the attempt, and a lot more.
User logons that occur outside of business hours should be audited for both security and compliance purposes. While Office 365 can log user logons and other user activity natively, it can't filter the required audit log data to track whether employees are logging in to their accounts during non-business hours.
With O365 Manager Plus, once you configure your business hours, you can retrieve audit data for user logons during non-business hours in a single click. You can also track user activity happening outside business hours to make sure employees aren't engaging in any malicious activity.