Microsoft 365

Microsoft 365: Is The “Out of The Box” Solution Secure?

Microsoft 365 is one of the most popular production suites designed to help businesses streamline tasks and improve the way they communicate with customers, vendors, and other businesses. Microsoft 365 is complete, with tools for data storage, collaboration, document management and sharing, and business email. The popularity of this platform and its wide adoption by businesses makes it a natural target for cybercriminals. Unfortunately, some organisations are unaware of the vulnerabilities that out-of-the-box security defaults could present.

While Microsoft Office 365 has the capability to be a secure platform for businesses with its built-in security features, businesses must take further steps to tailor these security settings to derive maximum benefit from the security capabilities that Microsoft 365 has to offer.

How to improve Microsoft Office 365

What features can businesses enable to further improve the security of 365? They include:

Enable alerts for suspicious activity

Microsoft 365 offers alert policies that can help you monitor activities such malware attacks, external sharing, assigning privileges in Exchange Online, etc. Since this is not configured by default, you will have to manually configure it.

You can also configure your alert policy to detect unusual and suspicious activity like sharing a file with an external user or an unusual volume of some activity.

Remove redundant account privileges

It is important that organisations remove redundant account privileges. Access rights for accounts, users and computing processes must be restricted to only those resources required to perform legitimate functions. An office assistant, for example, may have no business accessing folders that contain financial data. Organisations should ensure that they conduct a full audit of Microsoft 365 user base every 3-months.

Revoke ex-employee access

When an employee leaves your organisation, does your organisation immediately revoke their access to corporate information? Revoking access must be a part of your offboarding routine. While this can be done manually, it is prone to human error and therefore not advisable. Organisations should have a centralised password management and access control system that gives complete visibility of all systems, and a single point to instantly to revoke or activate permissions.

Not revoking an ex-employee access to corporate data could cause extensive damage to your business. Your corporate data could be leaked to the public, sold on the dark web, or used to assist a rival business.

Backup sensitive data online and offline

While it is important to put in measures to stem any cyber breach or data loss, it is worthwhile for organisations to have an offline and online backup of your sensitive data. This is a failsafe measure to ensure that accurate data can be restored, and operations can continue smoothly if there are any compromises in the cloud or offline.

Enable multi-factor authentication

A great way to improve Microsoft 365’s security is to enable multi-factor authentication in Microsoft 365. According to Microsoft, applying a single policy like MFA can prevent 99.9 percent of account compromise attack.

Multi-factor authentication goes one step forward to secure organisations by verifying users’ identity using multiple credentials. It offers multiple layers of protection, making it difficult for cybercriminals to access a device. If a criminal successfully obtains one credential (e.g. username /password combination, they will still need to verify their identity in a different manner.

Whereas we normally use a username and password to access a system, MFA will add something else that only the user should have access to.  This can be a text message to their phone, a phone authenticator app which generates a new code every 30 seconds, a smart card, facial recognition, or fingerprint scan.

Use dedicated administrator accounts

Administrative accounts should be used for administrative purposes only. Users with administrative rights must use a secondary account for other activities like internet browsing, email, etc. Additionally, admin accounts must be configured for multi-factor authentication, and always logged out after completing administrative tasks.

Apply updates and patches immediately

Security patches are issued to fix vulnerabilities in both apps and operating systems that can be exploited by cybercriminals. Once a manufacturer releases a patch to fix an issue, malicious hackers can examine what it fixes and proceed to attack machines that are unpatched. Neglecting to install security patches on a system can result in a long-term infection.

Additional measures

Conduct regular phishing training: The importance of staff phishing training cannot be overemphasised. As vital as configuring additional security features to your Microsoft 365 can be, conducting regular phishing trainings for your employees can be a great way to keep your employees alert. Training your employees to know what to look out for can be a great defence against cybercriminals.

Cybersecurity training should be conducted at least thrice per year. A study presented at the USENIX SOUPS security conference recently analysed user’s ability to detect phishing training versus training frequency. Employees took phishing identification tests at different time increments – 4, 6, 8, 10, and 12 months.

The study found that after four months, the employees training scores were good. They were still able to accurately identify and avoid clicking on phishing emails. Interestingly, after 6 months, their scores started to decline and became worse each month that passed after their initial training.

Regular security assessment and training: Do you have an information security policy? Do your employees have access to this policy? Do they fully understand the required procedures, processes, and the potential consequences if the policy is violated. Does your policy include guidance for staff on how to handle sensitive information? Does it include password security controls, supplier and vendor checks to ensure strict adherence to cybersecurity  best practices? Do your employees understand how to identify, report, and respond to security issues. Do you provide employees with regular cybersecurity training?

While policies may vary for different organisations, ensure that it covers the points above.

Making Office 365 Secure

We are cybersecurity and cloud IT experts focused on providing ISO27001 (the main information), FCA and PCI compliant solutions to businesses in the UK. Our services take full advantage of the cloud and offers numerous benefits, particularly business scalability, lower IT costs, and greater flexibility.

Tivarri offers two fully managed solutions – one based upon Microsoft 365 and the second, a fully hosted desktop solution. Our solutions can provide the solid basis for a secure, scalable, and reliable IT service that can operate wherever the user is located.

Our 12+ years of experience makes us uniquely qualified to help you optimise your Microsoft 365 environment to generate efficiency and ultimately improve business performance.

Contact us today to get learn more.

Tags: No tags

Comments are closed.