Business Insights: Top tips for improving your Microsoft 365 security
Following on from our Threat Horizon 2023 webinar, we caught up with Cyber Security and Solutions Architect AJ Johnstone to chat about how businesses can harden their Microsoft 365 security. “In 2022, IT Hotdesk conducted a cyber security survey focusing on businesses in Aberdeen City and Shire. And one of the most concerning things we have found is that businesses of all sizes still do not have a cybersecurity strategy. We appreciate that budgets can be tight, especially given the current climate, so to try and help you out, I’ve curated a list of top tips for improving your Microsoft 365 security”.
Assess your cyber security strategy with Microsoft Secure Score
The first step of any cyber security strategy is assessing your current setup. This is where Secure Score comes in. The easiest way to think about Secure Score is that it’s like a credit score for Microsoft, and even if the score is low right now, a few simple steps could help significantly.
Secure score will look at the different services your business uses (e.g., Exchange, SharePoint, Teams) and your settings and activities compared to Microsoft’s baseline. You’ll then receive a score based on how aligned you are with the best security practices.
If you receive a low score, you should contact an IT professional for IT support. However, we appreciate that budgets can be tight. If this is the case, we recommend taking the following steps to protect your business:
Introduce identity access and management (IAM)
Identity access and management are steps that businesses can add as preventative measures when designing their IT strategy. This could include:
• Multi-factor authentication (MFA)
Adding multi-factor authentication to your IT strategy is a great way to protect your data. In addition to a username and password, your team will be required to enter an authentication code that they have been sent via SMS or on a mobile app.
This added layer of protection will give you the confidence that the person accessing your company’s data is authorised to do so.
• Azure ID Identity Protection
Azure ID keeps a constant eye out for any unusual account behaviour. The signals generated by and fed to Identity Protection can be further fed into tools like Conditional Access to make access decisions or fed back to a security information and event management (SIEM) tool for further investigation.
• Conditional Access
Implementing Conditional Access is a great way to protect your company’s more private information. Conditional Access is precisely what it says on the tin; users must meet specific criteria before accessing the corporate network. Microsoft can compare requests to risk profiles before making a decision.
Users can access their systems quickly and securely when businesses add conditions to their accounts. For example, if John Smith from finance always accesses his Excel sheets from his laptop from the office in Aberdeen, you can set the condition that when he uses his laptop to access these files when connected to the office internet, he can log in without 2-factor authentication.
Add levels of threat protection
The most common mistake businesses make is assuming that installing an antimalware program and setting up a firewall is enough to keep cybercriminals out. Unfortunately, this is not the case.
Reacting to the ever-evolving cyberthreat landscape, Microsoft 365 has developed a range of technologies for you to implement, including:
• Azure Active Directory (AAD)
The Azure Active Directory helps businesses to manage user identities and access Microsoft 365 resources.
The fully managed multi-tenant service allows organisations to manage users, groups, and applications, providing secure access to resources inside and outside your business.
This can include multi-factor authentication, which we covered above and:
• Single Sign On (SSO), where users can access multiple applications with one set of credentials
• Application management, where administrators can manage access to applications and resources
• Device management, administrators can manage resource access based on the user's device.
Integrating your cloud AAD with on-premises AAD environments allows you to provide a hybrid identity solution, allowing users to access both cloud and on-premises resources with the same set of credentials.
• Azure Security Center (ASC)
Centralise your cloud workloads' security management and threat detection with ASC and benefit from proactive monitoring and immediate resolution of any issues that may develop.
• Configure exchange online protection
By configuring exchange online protection, your system will block an email if the SPF record fails from the sender, meaning that any spam/junk mail will be delivered to your ‘junk mail’ folder.
Invest in your team
Even with every system in place, if your team has not been trained in security awareness, it’s likely that they will not know the different threats to look out for.
With 95% of successful phishing attacks directly resulting from human error, educating your staff will have one of the most significant impacts on protecting your business.
In addition to security awareness training [link to the page], you can also introduce:
• Azure Information Protection (AIP)
Azure Information Protection helps you discover, classify, protect, and govern sensitive information wherever it lives or travels, which is especially important regarding data protection.
• Warning banners on emails
One of the easiest ways for a cybercriminal to get into your systems is to pose as a staff member, using an email address so similar that people will not notice the difference when reading it in a hurry.
By introducing warning banners, users can see when mail is coming from outside your organisation which will act as a warning that the email could be unsafe and that they should double-check the source before clicking links or downloading files.
Keep up to date
Technology is continually changing, which can feel a bit consuming. But if you regularly back up your data and implement any software or security updates, your business will benefit significantly.
