Cloud Security - 8-Step Guide to Securing Microsoft 365

Backup
General
Office 365
Security

_audit

Optimize your IT with a free audit

Start with a free IT audit. We’ll review your costs, cybersecurity, and support to uncover ways to cut expenses, boost security, and drive productivity. Book your audit today!

Book IT Audit
May 4, 2021

Cloud Security ' 8-Step Guide to Securing Microsoft 365

With more businesses making the move to Software as a Service (SaaS) public cloud services, it's'important to understand security is not inherent with Microsoft 365.'Like any aspect of IT, if these systems are setup or'maintained'with security best practices your data will be at risk.'Therefore, we put together our 8-step guide to securing Microsoft 365.'Completing the below steps will make your business data more secure:

1. Setup Multi-Factor Authentication

Enabling'multi-factor authentication is one of the easiest and most effective ways to'improve'the security of your'business.'It is'also included in the price of your Microsoft 365 licence so'do not'delay.'Here is the Microsoft guide on how to configure MFA.'Enabling MFA will add a second authentication step after entering the correct password, such as using your mobile phone. This means even if a malicious person'was'trying to gain access to your account with your'password,'they'would not'be able to get access.

2. Train Your Staff

According to the 2017 Data Breach Investigations Report, more than 90% of cyber-attacks were traced back to human error.'Fostering a risk-aware culture in the workplace is'a great way'to combat cyber security incidents.'Teaching staff about password best practices and how to spot phishing emails is a great start.'Simulated Phishing Campaigns'whereby'a fake spam email is sent to everyone in the business and a report is generated,'showing which staff require'additional'cyber awareness training. This will'determine'your organisation's current'susceptibility'to this type of attack,'identifying'the groups of users most at risk.'Allowing you to focus your'Cyber Awareness Training on those who need it most.

3. Use dedicated admin accounts

By'default'when'you create a new Microsoft Tenancy a Global Administrator account is made. It is not best practice for this account to be the account used day to day by any staff. Create a dedicated account with a long password with MFA enabled.

4. Enable email encryption for sensitive conversations

Using email encryption for Microsoft 365'means'that only intended recipients can view'the emails you send.'It is recommended to turn this on and set all confidential emails to be encrypted. More information on using Office Message Encryption'can be found here.

5. Add external recipient warning in email banners

Adding a warning to the top of emails that originated from outside of your organisation can protect your business from forged emails from malicious hackers'attempting'to gain access to your data or request that you complete malicious actions.

6. Backup your data

Microsoft 365 enables your'business to work anywhere'without the need to host your own email,'files,'and SharePoint infrastructure.'Even though Microsoft hosts the infrastructure, this'does not'replace your responsibility to backup business-critical'Microsoft'365 data.'Having 3rd'party backup solutions for your Microsoft 365 data can give you more peace of mind around the'long-term'security of your data.

7. Setup data loss prevention policies

DLP or Data Loss Prevention policies allow to you define what data should leave your Microsoft'tenancy.'These policies help administrators'maintain'and automate rules around how'data'can be accessed and'distributed.'Policies create alerts and actions that the system can take if a data loss prevention policy is'triggered. For example, if an employee account is trying to share a spreadsheet'containing'credit card data'with an'external user, the policy can be set up to automatically warn the user and/or quarantine the file.

8. Run regular security audits on your cloud environment

Auditing your cloud infrastructure including your SaaS configuration on a periodic basis is important. Security threats are always evolving and you need to constantly keep your security ahead of these threats.''Microsoft includes a tool in the 365 portal which is'very helpful'in'providing'on-going health checks and recommendation.'It's'called Office 365 Secure Score and you can see more information here -'https://docs.microsoft.com/en-us/microsoft-365/security/defender/microsoft-secure-score''As always, you are not alone in your fight against cybercrime. Please do not hesitate to'contact'us as we can'assist'in all aspects of cloud security including completing the above checklist on behalf of your business.''

_news

Related Blogs

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

News
Virtual Desktop
Outsourcing
Software
Security
Office 365
Science
Jobs
IT
Computer
General
Future
Business
Blog
Backup

Book a free consultation

Discover more Topics

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

_services

Managed IT Services

Think of us as your tech partner who’s always got your back. Our Managed IT Services keep things running smoothly, prevent problems before they happen, and make sure your tech is working to help your business grow.

Learn more

Security

Cyber threats keeping you up at night? We get it. Our security services are designed to protect your data and keep you safe, so you can focus on growing your business without the constant worry.

Learn more

Hosted Solutions

Need flexibility to scale? Our Hosted Solutions make it easy. From cloud desktops to data management, we help you streamline, save on costs, and stay productive—without missing a beat as you grow.

Learn more

Voice, Data & Hardware

Communication should be easy, right? With our Voice, Data, and Hardware solutions, we make sure your team stays connected and productive. Whether it’s phones, internet, or cables, we’ll set you up for success.

Learn more