Adoption of Microsoft 365 allows organizations to transition from being reliant with on-premises servers to the cloud.
As more data is stored and transferred through the tenant it is important to have implemented the proper security and compliance organizations require.
1. Enable Multi-factor Authentication (MFA) for user accounts immediately and protect user credentials against attack.
As organizations transition to Microsoft 365 many allow login authentication with just a username and a password.
Organizations assume this will make end user adoption easier and faster and plan to roll out additional authentication methods in the future.
But, organizations using this approach risk:
- Leaving their tenant unsecured for extended periods of times
- Neglecting to enable MFA at all
This results in making account breaches easier, allowing access to system administration and sensitive information.
2. Tune Exchange Online Protection for protection against phishing, spoofing, impersonation, spam, malware, malicious attachments, and embedded links.
Phishing and malware are delivered to users every day.
These techniques spoof leaders in the organization (such as company CEOs or presidents), mimic common email subjects, or copy organization logos to deceive end users.
Tuning Exchange Online Protection needs to be done early in the adoption of Office 365, so that administrators protect users on the new email system, as well as create a baseline for tuning against future attacks.
3. Enable Conditional Access, Intune, and Microsoft Defender to limit high risk user and device access to Microsoft 365 services.
Conditional access makes a check (condition) before granting or denying access to a user or device to Office 365.
These services can limit data exposure on devices, protect against malware, ensure MFA is in use, segment dangerous and trusted networks, and notice suspicious user logon activity.
4. Enable Data Loss Prevention and Information Protection Features Early
Many organizations have regulations and upon moving to Microsoft 365 there have been assumptions that no further controls are needed as Microsoft remains compliant.
As Microsoft systems are compliant, the data transmitted and stored within your tenant still needs to be protected with the security and compliance features Microsoft offers with the proper purchased licensing for your organization.
By enabling these features you’ll be able to measure and identify data exfiltration (credit card numbers, personal identity information, financial data) and create rules to encrypt or block accordingly.
5. Identifying and Configure Alerts within Microsoft Cloud App Security and Azure
Cyber-attacks occur every day targeting all companies across the globe. As alerts and notifications can be overwhelming to monitor and respond to, it is important to have a team in place that can assess those alerts and make adjustments.
Microsoft Cloud App Security alerts add the ability to be notified of malicious insiders, account breach, data exfiltration and other attacks against your organization and configure proactive security playbooks, responding to high-risk events and blocking access to offending users.