Tag Archive for: ATP

Microsoft Office 365 Security is one of the main concerns when organisations consider moving their data to the cloud. With new threats emerging on a regular basis, organisations must use the tools at their disposal to lock down and secure their data. Microsoft Office 365 is considered a very a secure platform when configured correctly by an administrator. This article outlines 10 security features available to organisations using Microsoft 365. For more information on Microsoft security visit our service options for office365 enterprise mobility security (EMS), Microsoft 365 security and compliance or Microsoft Office365 hacking prevention.

Securing Microsoft 365 Video

1. Activate Multi Factor Authentication

Multifactor factor authentication requires more than just a username and password from a user when they try to log into office 365. It’s one of the most effective ways off securing your account. When activated, users logging in will have to type in a code sent to their mobile phone or respond to a notification using a free Microsoft app. This prevents attackers from gaining access to your account even if they have the password.

2. Use dedicated Admin accounts

Admins should have a separate standard user account for everyday non-administrative tasks. Office 365 Administrator accounts have elevated privileges making them targets for hackers. Admins should only sign into these accounts when performing administrative duties. This reduces the attack vector if accounts are compromised.

3. Disable Auto-Forwarding of email

If an attacker gains access to a user’s mailbox they may automatically forward all mail to an external address without the user knowing. Using mail transport rules admins can prevent auto-forwarding being enabled on user mailboxes.

4. Protect against malicious email attachments with ATP

ATP Safe attachments is part of Office 365 Advanced Threat Protection. Its function is to protect users from malicious email attachments such as ransomware and viruses. All attachments are scanned and executed in Microsoft “sandbox” environment to determine if the attachment performs any malicious actions. Files deemed safe are re-attached to the message and delivered to the recipient’s mailbox.

5. Protect against phishing attacks with ATP Safe Links

ATP Safe links is part of Office 365 Advanced Threat Protection. Its function is to protect users from malicious links sent within emails. Administrators should configure policies to enable time-of-click verification on URLs within emails and office documents.

6. Enable Mailbox Auditing

Customers who procured Office 365 before January 2019 won’t have mailbox auditing enabled by default. Administrators should check if auditing is in place and enable if not. Once activated mailbox auditing allows you to track actions that users take within their own and other users mailboxes.

7. Use Role Based Access Control

Using Role Based Access Control within Office 365 gives administrators the ability to assign roles to users to allow them to carry out specific actions whilst denying others. An example would be allocating the billing administrator role to a member of finance to allow them to access billing only within office 365. This prevents Global Admin roles being assigned to users giving them more permissions than they need. RBAC provides a more distinct level of administration given the large number of products and applications with Office 365.

8. Lock down SharePoint and OneDrive sharing

By default, users in Office 365 can share documents and files outside the organisation with external users. Administrators should review their organisational policies to lockdown down sharing to specific sites to reduce risk of data leakage. SharePoint sites with public information could be enabled for external sharing with expiration on links. Sharing can also be locked down to trusted domains only.

9. Email Alerts

Alerts is a feature in the Office 365 security & compliance centre. Administrators should configure and enables alerts to prompt for suspicious or abnormal activity. Once Alerted Administrators can investigate issues that could be potentially problematic. Examples could include large volumes of data being deleted from SharePoint sites.

10. Use Microsoft Secure Score

Microsoft Secure score is an analytics tool providing a numerical value of an organisation’s current security status within Office 365. The score is presented on a dashboard and is based on the current configuration, users’ actions, and other security measurements within Office 365. Administrators should follow and implement the recommended list of actions on the portal. Each action addressed will increase the security score and reduce the overall threat to your office 365 environment.

Speak to a Microsoft Security Expert

All of the products outlined above our included in a Microsoft 365 Business Premium license. Valto are here to help with your Microsoft 365 platform. Get in touch via 03335 779 009, [email protected] or Contact Us.