Are You Cyber Safe? Protect Your Microsoft 365 Products from Online Threats – Part 1
October 5, 2023
Microsoft 365 is a cloud-based productivity suite that offers various applications and services for businesses. With Microsoft 365 being a cloud platform, you can work virtually anywhere with an internet connection. However, using Microsoft 365 also comes with certain security challenges and risks, such as data breaches, ransomware attacks, phishing scams, and identity theft. In this 2-part blog series, we are going to provide some tips and best practices to help safeguard your organization’s Microsoft 365 investment and sensitive data from increased risk of cyber threats:
- Use multi-factor authentication (MFA).
This is the best mitigation technique to protect against credential theft for Microsoft 365 administrators and users. MFA requires users to provide an additional factor of verification, such as a code sent to their phone or a biometric scan, in addition to their password. This way, even if a hacker obtains your password, they will not be able to access your account without the second factor. You can enable MFA for your Microsoft 365 users in the Entra ID portal.
- Train your organization’s employees.
Human error is one of the main causes of security incidents in Microsoft 365. Therefore, you should educate your employees with cyber security awareness training. This will teach them how to recognize and avoid phishing emails and other malicious messages that may try to trick them into revealing their credentials, downloading malware, or clicking malicious links. They should also know to use strong passwords, report suspicious activities, and follow your organization’s security policies. Your organization cannot be cyber safe if your employees are not aware of organizational safety practices.
- Protect global admins from compromise and use the principle of “least privilege”.
Global admins are the most powerful users in your Microsoft 365 environment, as they have access to all settings and data. Therefore, you should limit the number of global admins in your organization and protect them with MFA and strong passwords. You should also follow the principle of “least privilege,” which grants users the minimum level of access they need to perform their tasks. This way, you can reduce the attack surface and the potential impact of a breach. You can manage user roles and permissions in the Microsoft 365 admin Centre, but I prefer to use the Privileged Identity Management feature in the Entra ID Portal for even better control over role assignments
- Enable unified audit logging in the Security and Compliance Centre.
Unified audit logging allows you to track and monitor user and admin activities across your Microsoft 365 services, such as Exchange Online, SharePoint Online, OneDrive for Business, Teams, and more. This can help you detect and investigate suspicious or malicious actions, such as unauthorized access, data exfiltration, or configuration changes. You can enable unified audit logging in the Security and Compliance Centre.
- Enable alerting capabilities of the Security and Compliance Centers.
Alerting capabilities allow you to receive notifications when certain events or conditions occur in your Microsoft 365 environment, such as malware detection, sign-in failures, or policy violations. This can help you respond quickly and take appropriate actions to mitigate or prevent threats. You can configure alerts in the Security and Compliance Centre or the Microsoft 365 Defender portal.
- Consider Microsoft Defender for Office 365 Plan 1 or Plan 2 for additional protection.
Microsoft Defender for Office 365 is an advanced email protection solution that provides additional layers of security, control, and investigation for your Microsoft 365 email. Depending on your subscription plan, you can enable features such as Safe Attachments, Safe Links, anti-phishing policies, anti-spoofing policies, attack simulator, threat explorer, threat trackers, automated investigation and response (AIR), and more. These features can help you prevent, detect, and respond to sophisticated email attacks that may bypass the basic protection of EOP. You can enable Microsoft Defender for Office 365 features in the Security and Compliance Centre or the Microsoft 365 Defender portal.
We hope the following suggestions have provided you with additional methods to safeguard your organization’s online information. Being cyber safe is crucial to the well-being of any organization. We will be releasing Part 2 of our cyber safety series next week. Make sure to follow our blog and subscribe to our newsletter so you don’t miss out.
SQL Saturday Part 2: Learning About Microsoft Fabric February 29, 2024 I’ve been digging into Microsoft Fabric recently – well overdue, since it was first released about a year ago.…
My Trip to SQL Saturday Atlanta (BI Edition): Part 1 February 23, 2024 Recently, I had the opportunity to attend SQL Saturday Atlanta (BI edition), a free annual event for…
Enabling BitLocker Encryption with Microsoft Intune February 15, 2024 In today’s data-driven world, safeguarding sensitive information is paramount, especially with the increase in remote work following the pandemic and the…
Let’s build something amazing together
From concept to handoff, we’d love to learn more about what you are working on.
Send us a message below or call us at 1-800-989-6022.