#advanced threat protection, #cloud security, #microsoft 365, #office 365 tenant
Online security is given a lot of attention lately, with high-profile hacks and cyberattacks all over the world. Big enterprises are spending more than ever to guarantee reasonable cybersecurity, since the stakes of a breach are very high. But small and medium-sized businesses are often becoming targets of cybercriminals too.
Microsoft 365 Business is a great and affordable solution not only to increase productivity, but to enhance security as well. Here are simple steps that will help organizations using Microsoft 365 Business plan to stay on the safe side.
The biggest threat by far to any Internet user today is human interaction. "Social engineers" are people of ideas -- they may send an email or even make a phone call, convincing the target they are from a reputable company and tricking the victim into handing over sensitive information. So the best you can do to secure your organization is:
You can start your training by reading how to protect yourself from phishing schemes and other forms of online fraud.
Secure score gives you a view of the organization's security posture. This indicator is determined for each organization automatically and shows how it is doing in terms of security. The Secure Score also provides an analysis of possible threats and gives recommendations on how to improve the situation and get a better score. You can choose which recommendations to follow at what time, so it's very flexible and depends on the company's needs.
If you want to know more about how to find and fix risks in Microsoft 365 with Secure Score, please see here.
Two-step authentication is one of the simplest methods to protect an account, because even if hackers get hold of a password, the second layer of defense will still protect the account, because it uses:
It is always up to you and your users to decide how to deploy MFA in the most convenient way. Sometimes, however, it might take time and effort to puzzle out the settings, so our specialists will gladly help you in case you need advice.
Keep in mind that administrative accounts include more privileges and thus naturally present more valuable targets for hackers. So admin account should be:
Microsoft 365 already has built-in malware and spam filters, but there's no limit to perfection, and you can additionally:
Ransomware is a malignant piece of code that may block access to your corporate data, attachments, or devices, and demand a ransom (most commonly in cryptocurrency) to restore the access. But organizations won't necessarily regain their access even if the money is paid, so it's obviously better to prevent this type of threat than to deal with the consequences. You can prevent it from happening by:
Auto-forwarding may result in data leakage or even data loss, so it is safer to turn off this capability for your employees. Creating a transport rule blocking any auto-forward message types is among the simplest and handiest ways to do it. The following article can give you a better idea on how it works.
The information pointing out who was logging in, sending emails or performing other mailbox activities may turn out to be very useful for identifying suspicious behavior and possibly showing that an account was compromised. So if you want to keep up with various mailbox activities, you will need to enable mailbox auditing in Microsoft 365 and get the full picture.
Follow these simple steps and secure your workplace to achieve more. If you want to learn how to secure your business even more, please read the article about Microsoft 365 and the set of advanced features it offers to get the best possible experience.
2019-01-10