Are You Cyber Safe? Protect Your Microsoft 365 Products from Online Threats – Part 2

October 12, 2023

Ensure your organization is cyber safe ad protect yourself from online threats

Last week, we published a blog that provided tips for protecting your Microsoft 365 products against malicious cyber threats. Cybersecurity is not something to take lightly, and with technology constantly evolving, it is important to understand how you can protect your organization’s sensitive information.  

There is no such thing as being overly cautious or engaging in too much cyber security. We recommend doing everything you can to protect your organization’s online information. Online threats are lurking everywhere, and far too many people adopt an “it will never happen to me” mentality. The reality is it can happen, and it does, so it is always best to diversify your safety practices. Below are more suggestions as to how you can practice cyber safety: 

  • Use Microsoft Purview Information Protection.  
    Microsoft Purview Information Protection is a data governance solution that helps you discover, classify, label, and protect your sensitive data across your Microsoft 365 environment and beyond. You can use features such as sensitivity labels, encryption, data loss prevention (DLP), retention policies, eDiscovery, and more to control how your data is accessed, shared, stored, and disposed of. 
  • Disable auto-forwarding for email.  
    Auto-forwarding is a feature that allows users to automatically forward incoming emails to another email address. However, this feature is typically exploited to exfiltrate company data by cyber criminals who are looking to compromise a user’s account and set up auto-forwarding rules to divert sensitive emails to their own address.  
  • Protect all corporate devices.  
    You should ensure all devices that access your Microsoft 365 account and data are secure and compliant with your organization’s security policies. You can use features such as Microsoft Endpoint Manager (MEM), Windows Hello for Business (WHfB), BitLocker encryption, Windows Defender Antivirus (WDAV), Windows Defender Firewall (WDF), Windows Update for Business (WUfB), and more to manage and protect your devices. 
  • Monitor and audit your security policies.  
    You should regularly review and update your security policies according to the changing threat landscape and best practices. You should also monitor and audit your security settings and events using tools such as Unified Audit Log (UAL), Secure Score (SS), Security Dashboard (SD), Compliance Manager (CM), Azure Sentinel (AS), and more. 
  • Enable SPF, DMARC and DKIM in Exchange Online. 
    E-mail is a common attack vector to launch phishing, malware, ransomware, and other types of attacks that can compromise your organization. You can protect yourself by enabling SPF, DMARC and DKIM in exchange online to help prevent spoofing and phishing attacks that can compromise your email security and reputation. SPF, DMARC and DKIM are email authentication standards that verify the sender’s identity and the integrity of the message content.   
  • Review your Microsoft Security Score Often. 
    Microsoft security score is a tool found in the M365 security portal and Azure portal that helps you measure and improve your organization’s security posture across Microsoft 365 and Azure services. It provides a numerical summary of your security level based on the actions you have taken or have not taken to protect your data, devices, and identities. It also provides you with recommendations and guidance on how to enhance your security settings and reduce your risk of cyberattacks. As cyber security best practices evolve so will the recommendations in the Microsoft Security Score.  

By following these tips, you can improve your Microsoft 365 email security and protect your organization from email-based threats. However, it’s important to remember that cyber security is not a one-time task but an ongoing process that requires regular review and adjustment. Hopefully, these tips start some conversations within your organization to help improve your cyber security in Microsoft 365.  

At Imaginet we take cybersecurity seriously. Follow our blog and subscribe to our newsletter to stay on top of the industry trends that will help your organization remain protected.  

Roy Polvorosa is an expert in Microsoft 365 products, and how to implement them so your organization will be protected from online threats

Roy Polvorosa

Roy Polvorosa is the Practice Lead for Managed Services and a Senior Microsoft Cloud Consultant for Imaginet in Winnipeg, MB. With over 13 years of experience supporting customers with their journey to M365 and Azure combined with his business awareness allows him to identify solutions that align to customers’ requirements and solving problems. With over a decade of experience managing on-premises, hybrid and cloud infrastructure solutions he has substantial familiarity with Microsoft best practices and an empathetic approach to understand a customer’s unique business needs.

Discover More

Secret Manager

Secret Manager to Protect Sensitive Data in App Development

Janine JeansonSep 5, 20245 min read

Secret Manager to Protect Sensitive Data in App Development September 5, 2024 Secret Manager to Protect Sensitive Data in App Development   How you deal with sensitive data is critical to…

Read More
Sensitive Data

Protecting Sensitive Data: Ensuring Privacy from a Data Engineering Perspective 

Olena ShevchenkoAug 29, 202411 min read

Protecting Sensitive Data: Ensuring Privacy from a Data Engineering Perspective  August 29, 2024 Protecting Sensitive Data: Ensuring Privacy from a Data Engineering Perspective  In a bank call center, staff members…

Read More
Custom Script Setting

Custom Script Setting in SharePoint & OneDrive Removed

Janine JeansonAug 22, 20245 min read

Custom Script Setting in SharePoint & OneDrive Removed   August 22, 2024 Last week, we published a blog discussing Microsoft retiring SharePoint Add-Ins. In that blog, we briefly discussed how the…

Read More

Let’s build something amazing together

From concept to handoff, we’d love to learn more about what you are working on.
Send us a message below or call us at 1-800-989-6022.