A Microsoft Office 365 tenant needs protection against all kinds of data threats. Some security features are enabled by default, while others need manual installation or activation. Here are some good practices to follow when working with Office 365.
Enable Office 365 Multi-Factor Authentication (MFA)
Office 365 does not come with Multi-Factor Authentication (MFA) enabled by default. You will have to manually enable Office 365 MFA as an additional layer of security. MFA protects your account against password spray and phishing attacks.
MFA is difficult for attackers to compromise. However, it is important to have a separate emergency account that you can access to disable the MFA services whenever they are down.
Configure Office 365 Corporate Branding
Corporate branding is a feature that allows users to customize the default login screen. You can include a corporate logo and the name of the organization or company on the Office 365 login page.
Customizing the Office 365 login page is an added security measure that helps secure the account. You can look into Office 365 migration services to see if they offer what you might need.
Users can clearly distinguish the authentic login page from a phishing page. This reduces the chances of users entering their credentials on a malicious page.
Redirect Folders To OneDrive For Business
Many computer users prefer an easy-to-reach storage space for their documents and work. Storing files and important documents on the machine's desktop or in the My Documents folder is not a good data-security practice.
OneDrive for Business is an important data security feature that allows an organization's IT team to sync employees' files and folders to the cloud. The end user can still access their files without hitches.
Configure And Manage External Sharing For Files
OneDrive and SharePoint provide a convenient platform for file sharing between users. SharePoint allows users to send files and documents to other users through a link. Sharing is also possible between external users and users within an organization.
This sharing method is convenient for some companies but insecure for others, depending on the sensitivity of the information being shared.
The potential data risk is that any unintended recipient of the link can access the shared information. It is best to limit external sharing in SharePoint, or to consider added security features such as a guest sign-in page that appears whenever the link is opened.
Enable Office 365 Auditing
Once you have set up an Office 365 account, it is best to first configure auditing in your tenant. Enabling auditing before operations begin is critical because it takes some time before log recording in the UI begins.
The logs are a detailed breakdown of the activities carried out within the software. Activities in SharePoint, Exchange, and OneDrive, among others, are captured and displayed as logs in the UI. Logs are an effective way to track system breaches and unauthorized access to your tenant.
Office 365 comes with a mailbox audit log that is enabled by default. Users need to manually enable the Unified Audit Log to get detailed access to Microsoft 365 Compliance Centre logs. You must get an E5 license for your users to be able to keep Unified Audit Log entries beyond the default 90-day allowance.
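As an added example (not part of the original article), the PowerShell script below checks the two audit settings described above, turns on Unified Audit Log ingestion if it is off, and then pulls recent SharePoint and OneDrive sharing events so you can confirm records are arriving. It assumes the ExchangeOnlineManagement module is installed and that the account holds a role allowed to change audit settings; `admin@contoso.example` and the seven-day window are placeholders.

```powershell
#Requires -Modules ExchangeOnlineManagement
# Added example. The UPN and look-back window are placeholders; adjust both.
param(
    [string]$AdminUpn     = 'admin@contoso.example',
    [int]   $LookbackDays = 7
)

Connect-ExchangeOnline -UserPrincipalName $AdminUpn -ShowBanner:$false
try {
    # 1. Unified Audit Log: read the setting from Exchange Online PowerShell and
    #    enable ingestion when it is off. Records only appear some time later.
    $cfg = Get-AdminAuditLogConfig
    if (-not $cfg.UnifiedAuditLogIngestionEnabled) {
        Write-Warning 'Unified Audit Log ingestion is off; enabling it now.'
        Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true
    }

    # 2. Mailbox auditing: AuditDisabled = $true means the default-on mailbox
    #    audit log has been switched off for the whole organization.
    if ((Get-OrganizationConfig).AuditDisabled) {
        Write-Warning 'Mailbox auditing is disabled at the organization level.'
    }

    # 3. Confirm that records are being written by searching for sharing
    #    activity (links and invitations created in SharePoint and OneDrive).
    $end   = (Get-Date).ToUniversalTime()
    $start = $end.AddDays(-$LookbackDays)
    $records = Search-UnifiedAuditLog -StartDate $start -EndDate $end `
        -RecordType SharePointSharingOperation -ResultSize 1000

    if (-not $records) {
        Write-Warning "No sharing records in the last $LookbackDays days. Ingestion may not have started yet, or no files were shared."
    }
    else {
        # Summary by operation, then the most recent events for review.
        $records | Group-Object Operations | Sort-Object Count -Descending |
            Select-Object Count, Name | Format-Table -AutoSize
        $records | Sort-Object CreationDate -Descending |
            Select-Object -First 20 CreationDate, UserIds, Operations |
            Format-Table -AutoSize
    }
}
finally {
    Disconnect-ExchangeOnline -Confirm:$false
}
```

Running it on a schedule and alerting on either warning gives early notice if auditing is switched off after initial setup.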
Email phishing attacks are very costly and result in revenue losses amounting to billions yearly. Office 365 users must be alert and possess skills in identifying and avoiding phishing email attacks.
Office 365 has incorporated features and tools that prevent the end users in tenants from encountering phishing emails. You must enable and configure the tools to benefit from them. Among them is the Attack Simulator.
The Attack Simulator is a tool used to test how ready your end users are for phishing email attacks. It allows you to send a simulated phishing attack to end users within your tenant to determine who is more susceptible to falling prey.
The generated reports will guide you in identifying the loopholes and the users most vulnerable to real phishing attacks. This helps in identifying where to focus your awareness and security training.
Review Secure Scores
When working with Office 365, reviewing the Secure Score regularly is good practice. Microsoft 365 has a dashboard that checks your tenant configuration against the latest best practices.
You will receive immediate fixes for some metrics, or a step-by-step breakdown of how to rectify the potential problem. The Office 365 Secure Score is found in the Security Admin Centre.
When working with Office 365, these are among the best practices to adopt. Remember to regularly check your audit logs and security recommendations to keep your Office 365 tenant safe.