IT Security News • 1 June 2020
Impossible Travel: The Security Control Your Network Is Missing
Microsoft 365 offers so many fantastic features that will help keep your businesses data secure
Impossible Travel: The Security Control Your Network Is Missing, Fabric
The most useful security features take a proactive stance. They use machine learning and the intelligent cloud to recognize potential security breaches. Impossible travel stands out as one of the most useful in the Microsoft 365 suite.
Impossible Travel Security Protection
Impossible travel keeps track of where users are located so it can identify potential security breaches. For instance, if a user signs into Microsoft 365 in Manchester to check email, that person can’t possibly download a SharePoint Online document in Madrid an hour later.
The impossible travel feature works well because it takes a realistic view of the world. It knows that humans have physical restrictions that prevent them from performing tasks in two locations without taking the right amount of time to travel from one to the other. If these physical rules get broken, then the impossible travel feature will flag the interaction as a potential breach.
Microsoft 365 Conforms to Your Security Policies
Your organization has security needs and concerns that differ from those of other groups. Microsoft understands that a one-size-fits-all approach does not meet the needs of today’s businesses, government institutions and other organizations.
Anomaly Detections Policies
Impossible travel is just one of many anomaly detection policies that are available as part of your Microsoft 365 subscription. Here are a few:
1 Activity from an infrequent country
This detection considers past activity locations to determine new and uncommon locations. The anomaly detection engine stores information about previous locations used by users in the organization.
2 Activity from suspicious IP addresses
This detection identifies that users were active from an IP address identified as risky by Microsoft Threat Intelligence. These IP addresses are involved in malicious activities, such as Botnet C&C, and may indicate compromised account.
3 Suspicious inbox forwarding
This detection looks for suspicious email forwarding rules, for example, if a user created an inbox rule that forwards a copy of all emails to an external address.
