Teck Genius
  • HOME
  • ABOUT
  • SERVICES
    • IT Support
    • Managed Services
    • Cloud Services
    • Cyber Security
    • Voice and Data
    • IT Consultancy
    • vCTO
  • SECTORS
    • IT Support for Architects
    • IT Support for Charities
    • IT Support for the Education Sector
    • IT Support for Financial Services
    • IT Support for Legal Services
    • IT Support for the Professional Services Sector
    • IT Support for the Property Sector
  • NEWS
  • CONTACT
0345 314 2001
Teck Genius
  • HOME
  • ABOUT
  • SERVICES
    • IT Support
    • Managed Services
    • Cloud Services
    • Cyber Security
    • Voice and Data
    • IT Consultancy
    • vCTO
  • SECTORS
    • IT Support for Architects
    • IT Support for Charities
    • IT Support for the Education Sector
    • IT Support for Financial Services
    • IT Support for Legal Services
    • IT Support for the Professional Services Sector
    • IT Support for the Property Sector
  • NEWS
  • CONTACT
0345 314 2001
  • HOME
  • ABOUT
  • SERVICES
    • IT Support
    • Managed Services
    • Cloud Services
    • Cyber Security
    • Voice and Data
    • IT Consultancy
    • vCTO
  • SECTORS
    • IT Support for Architects
    • IT Support for Charities
    • IT Support for the Education Sector
    • IT Support for Financial Services
    • IT Support for Legal Services
    • IT Support for the Professional Services Sector
    • IT Support for the Property Sector
  • NEWS
  • CONTACT
Archives
  • May 2022
  • April 2022
  • March 2022
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
Categories
  • Cloud Services
  • Cloud Support
  • Cyber Security
  • Hosting
  • IT Support
  • Managed Services Provider (MSP)
  • Technology Solutions
12 Ways to Secure your Office 365 / M365 Tenant in 2021
Teck-Genius-Office-365-Security
  • Cloud Services
  • Cyber Security

  How to Secure your Office 365 / M365 Tenant

 

Microsoft Office is probably one of the most used software suites for collaboration and communication within businesses. Its history goes back decades and has been a software solution that has evolved based on user demand and behaviours. At times it has wanted when it comes to security and vulnerabilities, but that has been addressed in the past 5 years by Microsoft.

With the advent of cloud services and, more specifically, Public Cloud > Software as a Service, Microsoft has taken the capability to further heights. It has been able to make the software more feature-rich and also allow it to operate online. However, that alone brings a raft of security issues and concerns that a business needs to be cognisant of.

Teck Genius have put together a list of things you can do make your Office 365 tenant more secure and further reduce your cybersecurity risk.

12 steps to securing your Office 365 tenant

 

1. User training and awareness: Your business has assets, and those assets need to be protected. Your users are your biggest gatekeepers from security compromises, but they are only as good as the training and awareness they have received. Ignore these at your peril.

2. Password policies: Often overlooked, a robust password policy can significantly reduce your cyber threat exposure. Ensuring that password complexity and password changes are part of the policy are essential.

3. Access security: Multi-Factor Authentication should be a capability all companies deploy across their company. It allows you to secure your accounts by a) giving you a different authentication mechanism to confirm the user is who they say they are and b) provides an element of risk mitigation in the even of a users credentials compromised.

4. Conditional Access: A capability that Microsoft introduced in Office 365 that offers significant protection from potential compromise. The location-based restriction is becoming more prevalent in the cybersecurity space, whereby access to services are only allowed from specific countries. Nations that have a history of hacking behaviour are essentially blocked from even reaching the service.

5. Anti-virus and malware protection: Office 365 offers various levels of protection against all threats. It is able to provide protection across devices and also within the actual service itself. For example, phishing is something that dupes users in entering details or downloading files. Office 365 has security capabilities that detect this and stop it before it even gets to your inbox.

6. Encryption: The use of encryption across Office 365 services is seamless and easy to implement. Microsoft has made its use of encryption and decryption an inbuilt core capability. Adopting this functionality amongst your users is highly recommended.

7. Restricted admin accounts: It’s surprising how many companies we come across that have users who log in to systems by default as full admins. This particular practice introduces serious risk in the event of a compromise on the device. Being logged in with administrator privileges would allow any malware or virus to execute commands freely without any control. Hence, you must limit the number of elevated accounts that users use.

8. Logging, auditing and notification: Being informed about events across your Office 365 tenant should be of interest to your IT support and cybersecurity teams. With Office 365 you can be notified of several activities or events that occur in the tenant. User password changes, successes, failures, locations, services, lockouts are just a few that can provide immense value.

9. Auto forward restrictions: Many of the malware actions do include the ability to spread themselves across network shares and emails. By default, auto-forwarding is enabled in Office 365, there is a risk that your users can inadvertently forward infected files. Leveraging the policy-based capability in Office 365 can limit \ remove this whereby you would be limiting the blast zone of any compromise.

10. Sender and receiver validation. Secure mail flow is essential for any business that relies on emails. By default, an email system will most likely accept emails from any sender, and therefore, you are always at risk from opportunist hackers. Setting up SPF, DKIM and secure DNS are all protective configurations that can further reduce your risk of inbound threats.

11. Multi-vendor protection: We see increased amounts of threats across the Internet which on occasion do attack specific systems. Teck Genius can work with you by putting together a service/solution that can take advantage of hybrid solutions that increase the protection level.

12. Data classification and rights management: Controlling who and where your data goes should be of interest to your business. Data leakage is a big issue, and without the right controls and policies, you can expect your information to leave your business to external locations. Leveraging IRM within office 365 can reduce your data’s risk of being in the wrong hands and seen by unintended eyes.

We hope this has been a thought-provoking article and we would welcome the opportunity to work with you in securing your Microsoft services. For more information or a no-obligation chat please contact us here.

teckgenius-managed-aws-provider
teckgenius-managed-cloud-azure
teckgenius-dell-support-services
teckgenius-hp-IT-support
teckgenius-microsoft-support
teckgenius-cisco-support
teckgenius-Bitdefender-support
teckgenius-fortinet-support
teckgenius-SAP-support
teckgenius-symantec-support
teckgenius-veeam-support
12 ways to secure your Office 365 / M365 tenant in 2021

Comments are closed.

Recent Posts
  • West London IT Services
  • West London IT Help
  • Remote IT Support West London
  • Outsourced IT Support West London
  • Onsite IT Support West London
Recent Comments
    Avatar of Teck Genius
    Teck Genius March 1, 2021
    No Comment
    The 7 Benefits of Cloud Email Security for your Business
    8 Cloud Computing Benefits for Small Businesses
    About Us
    Address

    Teck Genius Ltd
    86-90 Paul Street
    London EC2A 4NE

    Contact Info
    • Mon - Fri | 0900 - 1730
    • 0345 314 2001
    • contact@teckgenius.co.uk
    Links
    IT Support Essex
    IT Support London
    IT Support United Kingdom
    IT Support for Architects
    IT Support for Charities
    IT Support for the Education Sector
    IT Support for Financial Services
    IT Support for Legal Services
    IT Support for the Professional Services Sector
    IT Support for the Property Sector
    Outsourced IT Support London
    24-Hour IT Support
    Remote IT Support
    IT Company London
    IT Support for Central London
    IT Support East London
    IT Support for North London
    IT Support for West London
    IT Support in South London
    Terms and Conditions
    Privacy Policy & Cookie Policy
    © 2021 Copyright All Rights Reserved | Teck Genius