Microsoft 365: 5 Security Best Practices
Blog|by Jack Fannon|22 December 2022
Five Microsoft 365 Best Practices To Boost Cyber Security
Many of the following best practices fall under the remit of basic cyber security hygiene. The vast majority of successful cyberattacks could be prevented by implementing simple, yet highly effective plans and processes.
1 in 4 SMBs state they experienced a cyberattack in the last year.
Effective cyber resiliency to defend against these attacks requires a holistic approach, able to adapt and withstand evolving threats to core services and infrastructure.
To get you moving in the right direction, here are five practical cybersecurity best practices your business can use to keep its data safe and secure and how Microsoft 365 helps you get there.
1. Make sure you’re using multi-factor authentication
One of the most effective ways of reducing cyber threats to your business is introducing multi-factor authentication (MFA). Microsoft’s Mutli-factor authentication service is part of its Azure Active Directory.
In a nutshell, MFA means that if you’re attempting to access important organisational assets that are password protected, such as a Customer Relationship Management system, you’ll need two pieces of evidence that prove you have the required authority and details to gain access.
Ensuring MFA is employed in your organisation will not only reduce password-based attacks, which still constitutes the main source of identity compromise instances, it will also help your business move closer towards ‘Zero Trust’.
2. Protect your administrator accounts
Administrator accounts (also called admins) have elevated privileges, making these accounts more susceptible to cyberattacks. If these admin accounts are compromised, unauthorised users could gain access to confidential files, Azure resources and company users accounts.
Cybercrime as a Service (CaaS) entities are increasingly targeting companies, stealing vast amounts of sensitive information and selling this data on. For CaaS entities, admin accounts are their primary target, because of the level of access and privileges that are afforded to them. In order to reduce risk as much as possible make sure you:
- Only have as many admin accounts as is strictly necessary (the fewer the better)
- Adhere to the principle of least privilege (people should only have access to information and data that they need to do their job)
Microsoft have recently introduced brand new pre-set security policies for Exchange Online Protection and Microsoft Defender which includes brand new ‘profile’ classifications. These profiles include standard and strict classifications. Standard profiles provide a baseline level of protection that’s suitable for most users. Strict profiles offer more aggressive protection for select users (high value targets or priority users).
3. Defend against user error
Emails can contain malicious attacks disguised as harmless communications. Email systems are especially vulnerable, owing to the large numbers of people who handle emails, and safety relies on humans making consistently good decisions with those communications. Therefore, it’s important to invest in training and ensure everyone knows what to watch out for whether it’s spam or junk mail, phishing attempts, spoofing, and malware in their email.
Microsoft has a great set of documentation on this available via Microsoft Learn.
Microsoft 365’s Exchange Online has a number of tools that can help detect these characteristics in emails, and block them or warn users:
- Anti-spam filter – Microsoft uses data generated across millions of tenants to identify and filter out these types of emails.
- Anti-phishing checks – these types of attacks go beyond simple spam, Microsoft 365 uses machine learning to create a map of users that an email recipient corresponds with and uses this to determine whether a sender is real or fake.
- Malware and attachments – Microsoft 365 defends against malware using intelligent tools to scan and detect malicious payloads.
- Link analysis – Microsoft 365 scans links in emails to identify potentially dangerous destinations, and alerts the user against clicking those that are suspicious.
4. Use the cloud for secure productivity
Office apps such as Outlook, Excel, Word enable people to work productively and more securely across devices using the cloud, reducing the need for emails. Secure links can now be shared that are stored in SharePoint or OneDrive as opposed to the riskier method of sending documents over email.
Use Microsoft Teams as one of the best ways to collaborate and share securely. With Microsoft Teams, all files and communications are in a protected environment and aren’t being stored in unsafe ways outside of it.
Grant people only the access they need to do their jobs. Sometimes, default sharing levels for SharePoint and OneDrive may be set to a more permissive level than they should. Review and if necessary, change the default settings to increase security and better protect your business.
5. Proactive maintenance and monitoring
After the initial setup and configuration of Microsoft 365 is complete, your organisation should create a maintenance and operations plan. As people come and go, users will be to be added or removed, passwords will need to be reset, and devices may need to be entirely reset. To revisit an earlier point, you’ll also want to make sure that only people within your organisation have access to the most important systems.
If you want to understand how to implement monitoring of your Microsoft 365 environment, get in touch with us and we can advise you.
Webinar: Defend against cyber threats with Microsoft 365
If you still have questions about Microsoft 365 Security, we’re running a webinar in the New Year to help you. Learn how Microsoft 365 Business Premium defends against cyber threats. The key areas of Microsoft 365 that will be covered are:
- Microsoft Defender for Office 365
- Microsoft InTune
- Microsoft Purview
- Microsoft Authenticator App
- Windows Hello
Join us on 24 January 2023 at 10:00 AM to get fresh insights and the opportunity to ask our Microsoft 365 product expert any questions you may have in the following Q&A.
Paessler acquires qbilon to help customers unlock key insights to improve IT performance
Paessler AG acquires qbilon GmbH, a company that provides a platform for automatically capturing, analysing and optimising hybrid IT landscapes.
Intro to our Embarcadero licensing specialists
Grey Matter has been supporting developers and ISVs with IDEs and developer tools since 1983. As part of our 40th celebration, we are interviewing some of our specialist teams to find out more about the team and their focus solutions.
In this blog, we speak to Robin Ashby and Andy Hill, our Embarcadero licensing specialists.
Acronis expands Cyber Protect Cloud with new EDR solution
Acronis, one of our leading cyber security partners, has recently expanded its Cyber Protect Cloud offering by introducing a cutting-edge endpoint detection and response (EDR) solution.