Have you already moved, thinking of moving, or currently migrating to O365 and unsure of what security precautions you should be taking? We run through the basics that all administrators should be implementing.
- Use multi-factor authentication. This is the best mitigation technique to use to protect against credential theft for O365 users. There are a number of different vendors that offer this, whether in the form of physical or virtual tokens.
- Enable unified audit logging in the Security and Compliance Centre. This will give you the ability to view activity per user across all 365 apps.
- Ensure Azure AD password sync is planned for and configured correctly, prior to migrating users.
- Disable legacy email protocols, if not required, or limit their use to specific users. Legacy protocols do not support modern authentication methods with MFA. The protocols include IMAP, POP and SMTP. These protocols can be disabled tenancy wide or per user, if you need to use legacy protocols for certain users.
- Configure Conditional Access. This gives you the ability to block access from certain countries and enforce MFA etc. When studying audit logs, you will see most attacks come from certain countries. Is there ever a time any of your users need to access O365 from China or other well-known sources of attacks? If the answer is no then utilise conditional access to reduce the attack surface of O365.
- Implement Cloud App Security. When data is uploaded to the cloud how do you know its safe virus/malware free? With cloud app security data is scanned and can be quarantined reducing the risk of a user downloading an infected file. Without this level of protection, you are relying on perimeter security if the user is inside the corporate network, then endpoint security which is the last defence. We recommend a layered approach to security, adding multiple layers will increase the chances of a zero-day threat, and potentially stop a threat before it even enters your network.
- Managed anti-spam. Not only does this reduce the volume of spam, malicious content etc, it can also give your employees access to emails if/when Office 365 goes down.
You can find more out about our services here.