Stay Secure and Productive: A Deep Dive into Microsoft 365 Security
46% of companies across the globe choose the Microsoft 365 software suite to facilitate productivity (1). It combines household-name solutions such as Word and Excel with more specialist products like Defender, giving businesses everything they need to run efficiently in one place. However, its popularity makes it a tempting target for cyber attackers.
In 2022, research by Kaspersky found that 70% of all recorded cyberattacks came from attackers exploiting vulnerabilities in Microsoft solutions (2). So, if you’re running Microsoft 365 applications in your organisation, you need to set up robust security measures that align with your broader cyber security strategy. The good news is that Microsoft provides a range of solutions and features to protect your business.
Microsoft 365 integrated security works across four key areas of focus, which we’ll cover in more depth later in the article:
- Identity and Access Management
- Threat protection
- Information protection
- Security management
While there’s no magic bullet to keep cyber attackers away from your business, when you utilise the features provided by M365 and follow best practices across all four areas, you can be confident you’re taking all the appropriate steps to safeguard your organisation.
In this article, we’ll look in more detail at how to set up your Microsoft 365 system with security in mind.
Best Practices for Microsoft 365 Security
The cyber security features M365 provides are extremely valuable, but you need to know how to get the most from them. In the following section, we’ll take each of the four key focus areas and explain how to implement and maintain a secure Microsoft 365 environment.
1 – Identity and Access Management
Ensuring that only those authorised to access your Microsoft 365 system can do so should be a cornerstone of your security strategy. M365 offers a variety of ways to help you protect your business from unsanctioned access.
Identity and Access Management
The best way to ensure robust Identity and Access Management on Microsoft 365 is to use Microsoft Entra ID (formerly Azure Active Directory). Entra ID (3) is a cloud-based platform with a range of Identity and Access Management benefits for your organisation, including:
- Single sign-on and multi-factor authentication capabilities
- One central location to manage all users and M365 applications
- Pay-as-you-go pricing model to streamline IT spend
- Flexibility and scalability to add and remove as your business requirements change
- Reporting capabilities to help achieve regulatory compliance
Password Policies and Multi-Factor Authentication
It’s essential that your staff use passwords that are not easy to guess and don’t reuse the same password across different applications. Multi-factor authentication (MFA) then adds an extra layer to your M365 security: even if an attacker knows a user’s username and password, they can’t gain access to your system without also completing the second verification step.
Here are the two most common methods Microsoft 365 offers to verify identity after the username and password:
- Microsoft Authenticator – A free mobile app that sends the registered user a notification when they log in. The user then responds to the notification to complete verification
- SMS message – M365 sends a text message with a 6-digit code, which the user must enter to complete verification and gain access
If you’re not using MFA already, you should implement it immediately. It’s a quick and effective way to boost cyber security in your organisation.
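One check to run before and after the MFA rollout described above, as an added example (not code from the original article or from Microsoft): it groups users from an exported MFA registration report by the verification method they rely on, listing admins first. The record layout and method names are assumed to follow Microsoft Graph's userRegistrationDetails report, and the sample users are constructed.

```python
# Audit MFA registration from an exported userRegistrationDetails report.
# Field and method names are assumptions; check them against your own export.
import json

# Constructed sample export (not real users).
SAMPLE_EXPORT = json.dumps({"value": [
    {"userPrincipalName": "alice@contoso.example", "isAdmin": True,
     "isMfaRegistered": False, "methodsRegistered": []},
    {"userPrincipalName": "bob@contoso.example", "isAdmin": False,
     "isMfaRegistered": True, "methodsRegistered": ["mobilePhone"]},
    {"userPrincipalName": "carol@contoso.example", "isAdmin": True,
     "isMfaRegistered": True,
     "methodsRegistered": ["microsoftAuthenticatorPush", "mobilePhone"]},
    {"userPrincipalName": "dave@contoso.example", "isAdmin": False,
     "isMfaRegistered": False, "methodsRegistered": ["email"]},
]})

SMS_METHODS = {"mobilePhone"}  # phone-based codes
APP_METHODS = {"microsoftAuthenticatorPush", "softwareOneTimePasscode",
               "microsoftAuthenticatorPasswordless"}


def classify(record):
    """Return 'no_mfa', 'sms_only', 'authenticator' or 'other_mfa'."""
    methods = set(record.get("methodsRegistered") or [])
    if not record.get("isMfaRegistered", False):
        return "no_mfa"  # e.g. only a recovery email is registered
    if methods & APP_METHODS:
        return "authenticator"
    if methods and methods <= SMS_METHODS:
        return "sms_only"
    return "other_mfa"


def audit(export_json):
    """Group users by MFA status; admins come first within each group."""
    groups = {"no_mfa": [], "sms_only": [], "authenticator": [], "other_mfa": []}
    records = json.loads(export_json).get("value", [])
    order = lambda r: (not r.get("isAdmin", False), r.get("userPrincipalName", ""))
    for rec in sorted(records, key=order):
        groups[classify(rec)].append(rec["userPrincipalName"])
    return groups


if __name__ == "__main__":
    for status, users in audit(SAMPLE_EXPORT).items():
        print(f"{status:14} {', '.join(users) or '-'}")
```

Anyone in the `no_mfa` group, admins especially, is protected by a password alone and should be enrolled first.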
User Permissions and Access Control
Best practice regarding user permissions and access control is that users should only have access to the solutions and data required to complete their tasks. Microsoft 365 allows admins to set up role-based access controls (RBAC) to allow access to specific applications based on need.
Admins can also sync user permissions to Microsoft Entra ID to manage all permissions (whether on-premises or in the cloud) from one platform.
2 – Threat Protection
M365’s security tools help businesses safeguard against many types of cyber threats, employing advanced threat detection and response techniques.
Threat Protection and Antivirus Features
Cyber-attackers use phishing, malware, false links, cloned emails and other advanced techniques to infiltrate your Microsoft 365 setup. Microsoft Defender (4) helps you get ahead of threats with integrated security measures.
Your M365 account comes preloaded with security settings, which you can customise to suit your requirements. Features include:
- Anti-phishing – AI-powered engine monitors users’ communication patterns to detect suspicious activity more effectively
- Anti-malware – Monitors incoming and outgoing communications to detect spyware, viruses and ransomware in email
- Safe Attachments – Defender’s Safe Attachments tool checks email attachments and documents transmitted via shared cloud drives to prevent malware incidents
- Safe Links – If a user clicks on a link in an email, Safe Links verifies its safety in real-time
Ensure you make use of all these features to minimise cyber threats in your organisation.
Defender for Endpoint
Formerly known as Advanced Threat Protection, Microsoft Defender for Endpoint (5) is a security platform designed to help companies prevent, detect and respond to advanced threats across a range of endpoints, including PCs, laptops, and mobile devices.
Using endpoint behavioural sensors, cloud security analytics and threat intelligence, Defender for Endpoint provides an intelligent layer of protection, monitoring the behaviour of files, applications and web pages on your machine. It also has capabilities to respond in near real-time, reducing the length of time threats can be active in your system.
3 – Information Protection
Microsoft 365 Security excels in data protection, with a range of tools designed to help you keep data confidential and out of the wrong hands. You can also classify and label sensitive information to enable better access control. When the cost of a data breach is more than simply financial, M365 Security puts you in control of your data.
Encryption is an essential component of data security. It means that even if unauthorised users get hold of your sensitive data, they can’t understand it or use it against you.
Microsoft 365 employs several encryption techniques to safeguard your data, including:
- Data at rest – M365 automatically encrypts files stored on your devices, including in mailboxes and shared drives
- Data in transit – When files are on the move, such as when transmitting over email or communicating with a server, M365 employs multiple layers of encryption to keep your information secure
One of the techniques employed by M365 Security is double-key encryption. To decrypt a file, you need both keys to be present. If your organisation holds both keys, an unauthorised user cannot access the data, even if they intercept it.
Regular Updates and Patch Management
It’s essential to keep your Microsoft 365 applications up-to-date with the latest versions. Cyber attackers love old versions of software as there are often vulnerabilities that they can exploit. Software vendors create patches to close those loopholes, but they only work if you update your applications.
Microsoft 365 can take advantage of Autopatch, which automatically updates all your M365 solutions with no input required from you. As well as being a more reliable way to keep your software updated, it means your IT team (if you have one) can focus on tasks that drive your business forward rather than mundane updating tasks.
Data Loss Prevention
Data loss happens when data inside an organisation is transferred, shared or used in a way unintended by the organisation. It can happen due to the actions of an insider or an external data breach. Sometimes, data leaks accidentally, usually due to human error.
Microsoft 365’s data loss prevention solution is Microsoft Purview. Purview Information Protection enables you to:
- Label and classify sensitive data in order to automate data protection measures
- Lock classified sensitive data within your organisation, preventing it from being sent outside your company, whether it’s on purpose or accidental
- Manage all data loss prevention measures from one straightforward platform
- Carry out detailed forensic searches for governance, compliance and litigation-type scenarios
4 – Security Management
Finally, Microsoft 365 Security provides a centralised platform to help you monitor every aspect of your M365 security, so you can respond to issues more quickly and effectively.
Employee Training and Security Awareness
While you can have the best security tools in your tech stack, you still need your people to be aware of the importance of cyber security. After all, most data breaches result from human error, when someone inadvertently clicks on an infected attachment or responds to a phishing email.
Microsoft 365 provides a vast library of resources to help organisations keep their team aware of best cybersecurity practices. They can help you train your people on the basics, such as picking a password that cannot be guessed. For your technical teams, there are manuals, articles, videos and more on every aspect of M365 security, including Defender, Entra ID and Purview.
Microsoft gives you the tools you need to maintain a secure and productive environment when running your organisation on M365. However, tools alone are not enough. You must formulate a robust cyber security strategy, follow best practices and stay vigilant.
For something as essential to your business as security, you could gain more benefits by outsourcing to a cyber security specialist managed service provider (MSP) to ensure your M365 setup is optimised and aligns with your cyber security strategy.
Doherty Associates are a long-standing Microsoft partner. Our four Solutions Partner designations include Modern Work. This accreditation confirms our technical proficiency in helping our clients boost their productivity and make the shift to hybrid working using Microsoft 365. It means you can trust us to drive innovative and hard-working solutions, powered by the full suite of Microsoft technologies.
See how Doherty Associates can help you realise the full value of Microsoft 365 by visiting our Modern Workplace page.
1 – Statista – Number of companies using Office 365 worldwide as of February 2023, by leading country
2 – Securelist.com – Kaspersky Security Bulletin 2022. Statistics
3 – Microsoft – Azure Active Directory is now Microsoft Entra ID
4 – Microsoft – Defender
5 – Microsoft – Defender for Endpoint
Posted: 18 January 2024