The OGO Blog

What are the Top Security Concerns with Microsoft Office 365 for credit unions?

Remote Working Security Assessment For Credit Unions

Managing security and risk is extremely important for credit unions. Today, increasing numbers of credit unions are moving toward cloud-based software suites such as Microsoft Office 365. Is Office 365 a secure platform for your credit union?

Decentralized production suites such as Office 365 are fairly secure, all things considered. The safety and security of any cloud-based production platform depends on a couple factors. We’ll explore that below.

1) Hacking

With all the hullabaloo about Russian hackers in the political world in the last few years, it’s not outlandish to wonder how safe your information is from hacking. As countless unrealistic and sensational science fiction scenarios have portrayed surprisingly accurately over the decades, there’s no such thing as un-hackable information.

This shouldn’t scare you, though: Microsoft has immense resources at their disposal to keep your information safe. Their technicians are extremely talented, and their encryption package is robust. Because of the incredible difficulty of hacking Microsoft and their deep pockets, we are primarily focused on employee related breaches when talking about the Microsoft Office 365 Credit Union platform.

2) Phishing

Phishing is the practice of sending fraudulent emails in order to coax recipients into offering up information. Phishing emails are essentially scam emails. Unfortunately, most phishing emails are well-constructed; they usually look like official emails from larger, more reputable companies, and some may even appear to be from Microsoft itself.

Phishing emails trick people into volunteering their personal information or passwords for the purpose of gaining access to their accounts. With employee password information, the network security can become compromised, after which the malicious website or party who sent the phishing email can enter the network with the same level of access as the scammed employee.

A few examples of phishing we’ve seen lately are framed as ways to further protect an account. The fraudulent messages may appear under a few guises. One might say that there’s a problem with their account, and they need to proceed to their secure third-party website to verify account information. Another might say that there are undelivered or unreceived messages that need extra clearance, which will prompt the employee with a request for confidential account information. One of the most common that we’ve seen will simply ask the user to re-enter their password authenticate their account.

Regardless of what form these phishing emails take, they tend to appear urgent and subsequently ask for passwords, usernames, and so on. The best defense against these attacks and scams is by informing your staff about the dangers of phishing.

The Bottom Line

Fortunately, the prevalence of phishing emails is a testament to the security of Office 365. It’s a very secure platform that’s backed up in many ways by the strong technological infrastructure and resources of Microsoft. Your main security concerns with regards to credit union cloud-based production suites is with phishing & internal threats..

The best method of ensuring the safety of your information is by ensuring your staff is well-trained and informed. So long as they’re made aware of what role they play in the security of sensitive information, we think that Office 365 is a secure production suite for your credit union.

Want to learn more about Office 365 and which solutions are a good fit for your credit union? Fill out the short form below and an expert from the Ongoing Operations team will be in touch.