Account/Authentication - Azure Active Directory - Ensure that LinkedIn Contact Synchronization is Disabled

 





Summary

Integration with LinkedIn should be disabled in order to prevent phishing scams. 

Reason

Office 365 have always been a prime target for phishing scams that are a subset of social engineering strategy that imitate a trusted source and concoct a seemingly logical scenario for handing over sensitive information. Social networking sites have made social engineering attacks easier to conduct.

LinkedIn integration is enabled by default in Office 365 and may lead to a risky scenario where an external party could accidentally disclose sensitive information.

What If?

Users will not be able to sync contacts or use LinkedIn integration.

How to?

To disable LinkedIn account data sharing, perform the following steps via the Azure AD admin center:
  1. Navigate to https://admin.microsoft.com and login as a Global Admin.
  2. Expand Admin centers then choose Azure Active Directory.
  3. After the Azure AD admin center is opened select Users followed by User Settings then User settings.
  4. Under LinkedIn account connections click No.
  5. Now, you can click Save at the top of the page.

Monitor:

To verify that LinkedIn contacts synchronization is disabled, perform the following steps via the Azure AD admin center:
  1. Navigate to https://admin.microsoft.com and login as a Global Admin.
  2. Expand Admin centers then choose Azure Active Directory.
  3. After the Azure AD admin center is opened select Users followed by User Settings then User settings.
  4. Under LinkedIn account connections make sure that No is highlighted.


































Comments

Popular posts from this blog

Deployment (Part 3)

Deployment (Part 1)

Project Resourcing (Part 2)