So how can companies misconfigure their multi-tenant environments?
Well, it's really quite easy. It only takes one script or one error in a script to compromise everything.
So take the example of a financial holdings firm that has many entities that may or may not be allowed to talk to each other. They establish Azure AD and Office 365 tenants for each entity. And they start out with a secure model, managing those entities separately.
But then they want to add on auditing and management across all of them. And Company A and Company B need to share information. So they deploy a script that punches a hole through Company A into Company B, and unwittingly into Company C. So now you have an uncontrolled flood of information between Company A and Company C that criminals or bad actors can exploit, or that can lead to regulatory compliance fines, because there should be a firewall between those two organizations.
And all of this is done with PowerShell, and by that one person on staff. And what happens when that one person leaves? So we'll see organizations in 2019 enforcing and mandating that PowerShell be a required skill set for all Windows administrators. We'll also see them start to draft and enforce policies around when a script makes sense, like spinning up a SharePoint Online site, and when it doesn't meet the requirements for enterprise audit logs, security features, or error handling. And we'll also see organizations start to monitor PowerShell, because it is a popular tool in the living-off-the-land techniques that hackers use to exfiltrate data.
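The Company A / Company B / Company C scenario above can be caught before a script runs by comparing the effective sharing paths it would create against an approved list. This is an added example, not code from the original page; the grant objects, tenant names and function names are constructed for illustration, and it assumes that access granted to one tenant can be relayed onward through that tenant's own grants.

```powershell
# Constructed data: tenant pairs the business has approved to share information.
$ApprovedPairs = @(
    [pscustomobject]@{ From = 'CompanyA'; To = 'CompanyB' }
    [pscustomobject]@{ From = 'CompanyB'; To = 'CompanyC' }
)
# Constructed data: grants already in place, and the one a new script would add.
$ExistingGrants = @([pscustomobject]@{ From = 'CompanyB'; To = 'CompanyC' })
$PlannedGrants  = @([pscustomobject]@{ From = 'CompanyA'; To = 'CompanyB' })

# Hypothetical helper: breadth-first walk of every tenant reachable from $Start.
function Get-ReachableTenant {
    param([string]$Start, [object[]]$Grants)
    $seen  = [System.Collections.Generic.HashSet[string]]::new()
    $queue = [System.Collections.Generic.Queue[string]]::new()
    $queue.Enqueue($Start)
    while ($queue.Count -gt 0) {
        $current = $queue.Dequeue()
        foreach ($g in $Grants | Where-Object { $_.From -eq $current }) {
            # Add() returns $false for tenants already visited, so cycles terminate.
            if ($g.To -ne $Start -and $seen.Add($g.To)) { $queue.Enqueue($g.To) }
        }
    }
    return $seen
}

# Hypothetical helper: report every effective path that is not on the approved list.
function Test-SharingPlan {
    param([object[]]$Existing, [object[]]$Planned, [object[]]$Approved)
    $all = @($Existing) + @($Planned)
    $approvedKeys = @($Approved | ForEach-Object { "$($_.From)->$($_.To)" })
    foreach ($tenant in ($all.From | Sort-Object -Unique)) {
        foreach ($target in @(Get-ReachableTenant -Start $tenant -Grants $all)) {
            if ($approvedKeys -notcontains "$tenant->$target") {
                [pscustomobject]@{
                    From    = $tenant
                    To      = $target
                    Finding = 'Unapproved effective path'
                }
            }
        }
    }
}

# Each grant is approved on its own, but together they connect Company A to Company C.
Test-SharingPlan -Existing $ExistingGrants -Planned $PlannedGrants -Approved $ApprovedPairs |
    Format-Table -AutoSize
```

Running a check like this as a gate in front of any cross-tenant script, and logging its result, also gives the audit trail that an ad hoc script lacks.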