A few weeks ago I’ve turned on Cloud App security feature in my Office 365 Subscription. I was surprised today when i started getting the alerts that there were some attempts made to login as my on my account. In less than two hours there were m15 attempts and they were all outside US and from an unknown device. First I didn’t know where it came from but when I logged on the links provided and I re-called that I did setup some policies a weeks ago.
As you can see below there were three email sent to me whenever there was an attempt made to hack into my account
And here is the policy matched and alert was triggered
The Next Step – Review the alert
The next action was to Review the alert and investigate it. I was brought on to this page
What did I configure? It was not enabled by default
As I said above I created a policy while ago and based upon that now I’m getting these alerts
As you can see, in GOVERNANCE I’ve options to select the action.
Pro Tip !
Enable Multi-factor authentication