Function4, a managed technology services provider based in Sugar Land, Texas, that serves small and mid-sized businesses and nonprofits across Texas, Louisiana and Oklahoma, has started deploying AI security technology that detects account compromises based on user behaviour rather than login location. The technology targets attacks on platforms such as Microsoft 365, where the methods attackers use have made location-based detection less reliable.
For years, security systems flagged suspicious logins by location. A login from another country was an obvious warning sign. That signal has weakened because attackers can now rent residential internet addresses, which makes a login from another continent appear to originate in the same city as the target.
Once inside a Microsoft 365 account, an intruder can read emails, set up forwarding rules or impersonate employees without triggering alerts built around location. The result is a detection gap, where location-based systems generate false alarms on legitimate activity while missing real intrusions that appear local.
The approach Function4 is adopting evaluates how an account behaves rather than where a login comes from. The system analyses patterns such as login timing, access behaviour and system changes to identify deviations from how a particular user normally operates.
When an attacker appears to be logging in locally but behaves differently from the legitimate account holder, the behavioural signals can flag the compromise. According to Function4, the technology can detect and stop attacks within minutes, identify how the attack began, show what the attacker did and remove anything malicious left behind.
"As attackers evolve, the signals we used to trust, like location, are becoming unreliable," said David Volberding, Branch Manager of Function4. "A login from across the world used to be a red flag. Now it can look completely normal. At Function4, we are constantly evaluating sophisticated, cutting-edge AI technology and the latest in security protocols to protect our customers."
"As attackers find new ways to blend in, organizations need the right AI security tools that go beyond basic rules and look at the full picture. This new approach to cybersecurity technology marks a shift toward smarter, more proactive protection, helping organizations stay one step ahead in an increasingly complex threat landscape," added Volberding.
