Microsoft & Office 365 Security
Microsoft analyzes more than six trillion security signals via its cloud systems on a daily basis. They also gather insights from security researchers to compile the annual Microsoft Security Intelligence Report. MSIR Vol 24 shows a worrying spike in three types if threats – phishing, cryptojacking and supply chain attacks.
Data security is an ever-growing global concern, particularly for institutions relying on cloud-based resources. Drawing from Microsoft’s security guidelines and recommendations, here are some of the best data security practices in Microsoft 365 (formerly Office 365).
Encourage the use of strong passwords
Password cracking has become very easy for hackers using sophisticated tools and techniques such as brute force, password spraying and social engineering to break and steal login credentials. However, users are mostly to blame for securing their sensitive accounts with weak passwords.
Enforce a strong password policy in your organization that forbids creating and recycling obvious passwords. An effective policy should require all passwords to have a string of at least eight characters consisting of upper and lowercase letters, unique symbols and numbers. Also, set a six-month expiry period for each password with no re-use.
Enable multi-factor authentication
MFA takes users through a 2-step verification processing before login into their accounts. With MFA turned on, the user must type in a code sent to their phone after entering the right user-password combination. Setting up multi-factor authentication is an easy and effective way to secure user accounts and reinforce overall security in Microsoft 365. It means that hackers cannot access any account using stolen of forced passwords.
Protect dedicated admin accounts
Admin accounts feature elevated privileges for configuring the Microsoft 365 environment. Unsurprisingly, these dedicated accounts are high-value targets for cyber-criminals since they are the gateway to full system access. Make sure that every administrator has a separate user account for regular use, and the privileged accounts are only used momentarily when absolutely necessary.
Additionally, enable MFA for every admin account, and encourage administrators to log out all sessions immediately after completing their tasks.
Set up conditional access
Conditional access is a zero-trust security policy that lets you control data access and resource usage. You can define the criteria for who can access particular resources and how, based on factors such as geographical location, user device and app. For instance, you can create policies that block access from specific areas, users or devices.
In a way, conditional access acts as a secondary authentication protocol for verifying legitimate users, much like MFA. It helps you set security boundaries to ensure that only the appropriate users can access a certain resource.
Block ransomware attacks
A ransomware attack is a devastating strike where hackers hold corporate digital assets hostage and demand a hefty payoff to relinquish control, often with threats to leak or sell valuable data.
Ransomware normally spreads through malicious email attachments. Advise users not to click on suspicious email attachments, especially those from unverified sources. You can also create an email filter that blocks emails embedded with potentially malicious code and unknown executable attachments.
Configure mail flow rules
As an administrator, you can create and configure mail flow rules, also known as transport rules, using the Exchange Admin Center. You can enable or disable encryption for incoming and outgoing messages and also set emailing parameters such as auto-forwarding and screening.
Mail flow rules are useful when it comes to Microsoft 365 data protection. These custom measures supplement the system’s built-in anti-phishing, anti-spam, safe attachment and DomainKeys Identified Mail (DKIM) security compliance features.
Optimize your Secure Score
Microsoft Secure Score is a detailed report showing an organization’s security posture. It gives you good visibility of all the security configurations and the features available. The report assigns a numerical score based on the security measures in place and their impact on data protection. Basically, the security score shows you what you have done so far to secure the platform and what specifically needs to be done to improve security.
The score compiles complex information from a wide range of security signals across the platforms and represents it using metrics that are easy to interpret and understand. More importantly, it gives you a security benchmark and lets you set your own security goals.
Monitor users for suspicious activities
Keep an eye on what your users are up to by viewing reports on Microsoft 365 Admin Center. You can also collect and analyze additional user logging activity from Azure Active Directory. These tools give you an eagle-eyed view of the entire office space, making it easy to detect abnormal or suspicious behaviour, such as exchanging sensitive data, compliance violations, unusual traffic and unexpected logins.
You can even set up real-time alerts to warn you whenever something suspicious happens, such as attempted logins from unusual locations or devices. Such vigilance helps identify and stop incoming threats before they can cause harm, and provides valuable insights into ways to improve Microsoft 365 security.
Train your users
A collection of recent statistics, reports, and surveys reveal shocking facts about insider threats, spotlighting internal vulnerabilities. Insider threats can range from malicious attacks and negligence to unintentional accidents – in most cases, it is impossible to determine the intent or cause of an internal breach. Regardless, it is crucial to bring all your employees on board with Microsoft 365 security measures and general cybersecurity best practices.
Educate the users on data security essentials, such as cyber-hygiene and vigilance. And make sure they understand the importance of observing the established guidelines and protocols. Instil a sense of accountability by outlining each user’s security responsibilities and expectations.
Data protection forms the core framework of the Microsoft 365 cloud environment. Microsoft understands that data security is a priority when working with robust cloud systems, which is why Office 365 comes with such an extensive array of customizable security features. However, as far as that goes, it is up to you to make the right use of these security tools to protect valuable data.
Let us help you secure your MS 365 infrastructure. Softlanding is a Microsoft Gold partner that provides organizations with the professional expertise to integrate, configure and fully utilize Microsoft enterprise products. Get in touch with us and learn how to leverage the most powerful cloud platform worry-free.