Office 365 Email Security: Improving Your Security Features

1. Switch to multi-factor authentication

The traditional username-password sign-on is no longer strong enough to secure email accounts. Multi-factor authentication adds a crucial security layer during login and minimizes the risk of stolen credentials. According to Microsoft, MFA can block over 99.9 percent of account compromise attacks. Enabling MFA is one of the easiest things you can do to protect your email accounts.

2. Block legacy authentication

Legacy authentication describes basic user authentication protocols in Azure cloud services. These protocols include SMTP, IMAP, POP, and MAPI. The problem is, legacy authentication techniques do not support modern security protocols such as MFA, making them easy entry points for malicious actors. Replace these outdated protocols with more robust email access security features.

Microsoft recently announced plans to turn off some basic authentication methods in Exchange Online in a bid to secure email accounts for all users.

3. Enable Unified Audit Log (UAL)

The Unified Audit Log records various events from Exchange Online, Azure Directory, Teams, and other Office 365 services. The log gives you an overview of past and ongoing activities in the Azure environment. It also allows for the reversal of various actions such as mass file renames and file restorations. Learn more about enabling and using UAL here.

4. Enable SPF, DKIM, and DMARC

When configured correctly, (1) Sender Policy Framework, (2) DomainKeys Identified Mail, and (3) Domain-based Message Authentication, Reporting and Conformance can block impersonation attacks, significantly reducing the risk of phishing and spoofing.

5. Disable mailbox auto-forwarding to remote domains

Auto-forwarding mail to external domains indiscriminately risks sensitive data leaving the secure corporate environment. Hackers can also use this feature to automatically receive data from unsuspecting users.

6. Get alerts for suspicious activities

Configure alert policies in the Security Compliance Center to track user activities and quickly notify the relevant admins of unusual activities. Abnormal user or system behaviour might indicate an imminent or progressing attack.

7. Use Microsoft 365 Secure Score

Microsoft 365 Secure Score measures your organization’s security posture across Microsoft 365 services by assigning it a numeric value when you first log in. The tool also provides actionable recommendations on sealing off security loopholes and assigns a numeric value to each that can be totaled to form an overall maximum score for your organization. You can also see how your organization’s score compares to the average scores across all Office 365 customers.

8. Encrypt corporate emails

Like we pointed out earlier, emails often carry sensitive information, including personal details, payment data, and corporate secrets. If an email account is compromised or an error occurs during transmission, this information may fall into the wrong hands. Email encryption ensures that only the right recipient can access or read the intended message and email attachments. With the built-in email encryption features in Office 365, you can set emails to prompt a one-time password when opened, only to be read within the Office 365 environment, or restrict copying and printing.

9. Enable the Report Message add-in

When fighting phishing attacks, your users are in the frontline as they truly see what is happening in their mailboxes. In some cases, they might receive and identify a phishing message and by enabling the Report Message and Report Phishing add-ins for Outlook, they can report it easily instead of deleting it quietly. This feature allows your users to report both spam and phishing emails and these reported messages are tracked in Office 365 backend and displayed in the Security Dashboard to allow administrators to follow up or take action before the same phishing emails are sent to other users and cause damage.

10. Educate your employees

Employees are usually the weakest security link in any organization. Human error accounts for a majority of data breaches and is among the fastest-growing cybersecurity threat today. Employees can make innocent mistakes, neglect security protocols, or unwittingly fall for social engineering scams. Create an employee training program focused on cybersecurity best practices and security accountability to minimize user-related cyber risk.

Adopt a multi-layered security approach

Azure hosts several Office 365 email security features, most of which are user-configured to the preferred security settings. Regardless of your Office 365 security settings, it’s essential to add as many security layers as possible. The good thing about a multi-layered security structure is that if one protocol fails, the rest can still protect your data. Take MFA, for example. Even if a threat actor acquires genuine credentials, they are rendered useless by the secondary user authentication stages.

Keep in mind that there is no single solution for email security and cybersecurity in general. It takes the collective effort of various tools and policies to create an effective cyber defence strategy.

Maintaining strong cybersecurity on the cloud is an ongoing process whose success hinges on the time and effort you put into it. But you don’t have to go at it alone – Softlanding is here to help. We guide organizations across Canada in leveraging various Microsoft solutions, including Azure, Office 365, and Microsoft Exchange, efficiently and safely. Contact Softlanding to learn more.