Egress Reports that 85% of Microsoft 365 Users Have Been Affected by Data Breach

Sophie Webster, Tech Times 11 May 2021, 10:05 am

Using Microsoft 365, the software giant's cloud-based communications and collaboration platform, could be a security liability for numerous organizations.

Microsoft 365 Security Breach

A report from Egress called Outbound Email: Microsoft 365's Security Blind Spot that was based on a poll of 500 IT experts and 3,000 remote-workers in the United Kingdom and the United States, claims businesses who use Microsoft 365 suffer more email data breaches, and have to deal with more difficult consequences in the aftermath.

However, the report highlighted that if the pandemic did not happen, things would have been different, according to TechRadar.

More than two-thirds, or 67% of IT experts said that the increase in email data breaches happened because of home working, compared to just below a third or 32% among those whose organizations do not use Microsoft's cloud-based collaboration and communication platform.

Also Read: WordPress Data Breach Affects 100,000 Exposed Websites After Using Responsive Menu Plugin

Furthermore, around 93%, or almost all businesses who use the service reported negative impacts following an email data breach, fewer than those who do not use it, which is around 84%.

More than one in six of those using Microsoft 365, or 15%, have suffered more than 500 data breaches in 2020, compared to just 4% than those who do not use it at all.

Humans are Responsible

As the report indicates, the issue does not seem to be in the platform itself, but in the way that people use it.

More than a quarter of IT experts, or 26% of them, said that a severe data loss incident came from an employee sharing data through email by mistake. But then again, the figure decreases among businesses that do not use Microsoft 365, that is around 14%.

The worst part is that IT experts are not very optimistic about the future, not believing things would change for the better, any time soon.

More than three-quarters, or 76%, believe that remote and hybrid working will make it more difficult to prevent email data loss from Microsoft 365 in the future.

Among those not using the service, or around 40%, share the same outlook, according to Business Wire.

Egress' Chief Technology Officer Darren Cooper said that Microsoft 365 has seen phenomenal adoption during the COVID-19 pandemic, and has brought cost and efficiency benefits to numerous organizations, but its security limitations are clear to see.

Cooper added that they can't ignore the risk of email data loss from Microsoft 365 and the shortcomings of static DLP solutions to mitigate the outbound email security risks that organizations face today.

According to Cooper, email data breaches are the top security concern for all of the businesses, and remote working has only exacerbated the risk.

Cooper concluded that organizations need to take proactive steps to secure their data using intelligent solutions that can understand a user's behavior, and the context in which they are sharing data to prevent data loss even before it happens.

As of November 2020, the Microsoft 365 platform is used by more than a million companies worldwide, with more than 650,000 companies in the United States alone.

This number may grow despite the easing of restrictions caused by the pandemic as companies concluded it is more beneficial to let half of its workers stay at home.