Could There Be A Hacker In Your Network?

What would you do if you knew there were unauthorized users in your network? How could you know?

Let’s unpack a real-life scenario we encountered with a manufacturing client that shows why security best practices are so important and how Microsoft’s tools can help. 


Hackers in the Network 

We recently had a manufacturing customer in Michigan who switched to Microsoft 365 E3. As we helped them get their system set up, one of their technical leads was exploring the reporting capabilities of Azure Active Directory Premium. 

Sure enough, in their new suite, they could see they had logins from Nigeria, and asked if that was correct. Since Microsoft shows accurate geolocations for logins, we knew it was correct. 

We also knew that this meant someone was in their network who wasn’t supposed to be there. 

In our experience, any organization that ISN’T using multifactor authentication (MFA) definitely has compromised accounts. So whether or not you’re in the manufacturing industry, it’s a good idea to get this set up. 

Plus if you get set up with Azure Active Directory Premium, you’ll be able to see where your logons are coming from. 

Cleaning It Up 

In this case, we got the situation locked down and secured – but ultimately this calls back to the importance of investing in the right tools and security measures. If you want to take a deep dive into security and M365, view our webinars for more information

How Did Someone Get Into My Network? (The Credential Problem) 

People tend to reuse their credentials (or very simple variants of their credentials), which is an understandable mistake because it can be tough to remember multiple unique passwords. 

Your bank password is probably secure – but your password to, say, your fitness account may be less secure. If it’s compromised, then it’s almost certain that someone, somewhere, is trying to use it to log into your Microsoft account. If you use the same password for multiple accounts and don’t use MFA, you more than likely have a compromised account. 

I Want to Keep My Network Secure… How Do I Do it? 

If you want to keep your network secure, make sure you’re using the right tools, you’re optimizing your implementation, and that you’re utilizing security best practices (such as MFA). If you have any questions, or you’d like an assessment of your security posture, contact us and we can help you!