Office 365 is a valuable productivity and collaboration tool. It offers businesses numerous benefits, including easy collaboration, remote work, scalability, and lower capital spend. Office 365 security is typically pretty solid and offers a wide range of measures. However, amidst the extensive range of security threats ranging from malware to data leakage and unauthorized access, Office 365 is not entirely safe. Therefore, organizations need to be vigilant to keep their data safe. Here are nine tips on how to improve Office 365 security to avoid potential incidents.
1. Enforce Multi-factor Authentication
Normally, Office 365 users have one way to verify their identity when logging into the application. They use a username coupled with a password. Regrettably, a good number of users do not practice password hygiene which leaves organizations at risk of an unauthorized intrusion.
This is where MFA (Multi-factor authentication) comes in handy to improve office 365 security. It utilizes two or more factors, such as one-time pass codes, to verify the identity of a user. While many people regard MFA as a hassle and an inconvenience, it is easy to implement and can prevent incidents in numerous ways.
Microsoft has a feature referred to as “Security Defaults.” When you enable this feature, it enforces the utilization of MFA in all administrator accounts. MFA is an easy measure for organizations to secure their O365 environment from potential intrusions, should one of their admin’s password be leaked on the Dark Web following a data breach.
MFA should also be applied to users without admin permissions. Although these uses do not represent the same risk, they can compromise apps and services within the ecosystem.
2. Activate Advanced Threat Protection (ATP)
Microsoft’s ATP is a very powerful solution that detects, prevents, and responds to advanced threats that can typically bypass traditional security protections such as firewall, antivirus, and monitoring solutions. Advanced threat protection provides access to a database of known threats that is updated in real-time, allowing its users to be aware of the latest threats that organizations are faced with and to integrate third-party threat data into their own analysis.
With ATP, you will be notified of any attacks, their severity and how the threat was stopped, no matter the origin of the attack. As phishing attacks are on the rise and remain one of the most common vectors of attack used by hackers, 365 Advanced Threat Protection can be very effective at identifying phishing attacks with the help of machine learning and its ever-growing database of malicious sites known for delivering malware or attempting phishing.
This solution is one of the most powerful threat protection measures you can have in place to improve your office 365 security, ensuring that any data within your team’s SharePoint, Teams or OneDrive is well protected.
3. Disable Legacy Protocol Authentication When Necessary
Legacy protocols do not support MFA features that help to mitigate risks of an intrusion. They become good entry points for adversaries targeting your company. Therefore, it is best practice to disable legacy authentication to reduce risks.
In case a firm needs to use legacy protocols for older email clients, the protocols will not be disabled. The email accounts become a vulnerability because they can be accessed via the internet requiring only a password and username to access them, rendering multi-factor measures useless for these users.
An excellent way of mitigating this issue is to restrict access to legacy protocols to select users who need them. By limiting the users who access legacy protocol authentication methods, you lessen an organization’s attack surface substantially.
4. Enable Alerts for Suspicious Activity
With O365, you can enable logging of activity to identify any malicious activity in the system. Nevertheless, enabling alerts for suspicious activity increases your effectiveness in detecting suspicious activity.
You can do this by creating and enabling alerts to notify admins of suspicious events. Suspicious activities can be logins from abnormal locations or accounts surpassing sent mail thresholds, among others. Enabling alerts can go a long way to reduce the time it takes to detect and mitigate malicious activities.
5. Enforce Strong Passwords
Brute-force attacks are increasing each day. They can be detrimental for accounts with access to sensitive corporate data. One way of preventing brute-force attacks is by creating strong passwords. Passwords with few characters are easy to hack, so avoid them.
Here are a few rules for creating a secure password:
- Long passwords are more secure – should have at least eight characters
- Mix symbols, uppercase and lowercase letters, and digits
- Avoid obvious passwords like 123456, abcdefg, etc.
- Avoid utilizing the same password for different accounts.
- Revise passwords regularly –every six months or less
Read more on password best practices.
6. Set Up Conditional Access
Did you know that many organizations experience log in attempts from other parts of the world without their knowledge? If your organization does not have remote employees from around the world, it is best to set up conditional access.
When you enable Conditional Access, all foreign login attempts are blocked. In case a senior official goes on a vacation abroad, he can only log in to his email using a company compliant device.
7. Incorporate Microsoft Secure Score
Microsoft’s Secure Score allows you to gauge your security posture for O365 and provide enhancement recommendations. It offers a centralized dashboard for your enterprise to track security and compliance amendments in Office 365.
8. Enable Unified Audit Log (UAL)
UAL contains logs from Office 365 services like Azure AD, Microsoft Teams, SharePoint Online, and OneDrive. By enabling UAL, an admin can access actions that could be malicious and contrary to organizational policies.
Do not also forget to integrate logs with your existing SIEM tool. This way, you can relate O365 logs with your existing log management and monitoring solutions to detect any abnormal activity and improve your overall office 365 security.
9. Educate Your Users
The above precautions cannot be sufficient if you leave users out of the equation. Research shows that 90% of data breaches stem from human error.
Luckily, human errors can be prevented with mandatory security training for employees. Training ensures that users are aware of probable threats and how to tackle them. They become vigilant and avoid silly mistakes with enormous effects.
It is best practice to ensure that new employees undergo security training before using organizational devices and handling sensitive corporate data.
The Take Away
Many organizations are migrating to Office 365 to enjoy its collaboration, scalability, flexibility, and cost-saving features. Although O365 is an indispensable tool for companies, it is vulnerable to security threats. While Microsoft devotes millions of dollars to safeguard users’ data in the application, it is advisable to enact security measures to maximize the security of your own O365 environment.