Microsoft Office 365 Security Best Practices

two men and one woman working at desk with computers

There are many benefits of Microsoft Office 365 (O365), of which productivity is most important.  The recent increase in telework requirements has highlighted the risks associated with cloud applications.  Organizations are failing to apply the appropriate security best practices due to the rapid migration to enterprise collaboration solutions like Microsoft Office 365 making their data and people susceptible to malicious attacks.

The US Department of Homeland Security Cybersecurity and Infrastructure Security Agency notes, “… hasty deployment can lead to oversights in security configurations and undermine a sound O365-specific security strategy…., resulting in increased vulnerability to adversary attacks.”.

Advanced Computer Technologies (ADVANCED) has implemented O365 best practices for all clients within our managed services program. Greater than 80% of all new clients (small to large enterprises) onboarded to our programs did not apply O365 best practices.

Best Practices:  Your organization needs to be implementing these best practices to better secure O365 services:

  • Enable multi-factor authentication for administrator accounts
  • Assign Administrator roles using Role-based Access Control
  • Enable the Unified Audit Log
  • Enable multi-factor authentication for all users
  • Disable legacy protocol authentication when appropriate
  • Enable alerts for suspicious activity
  • Incorporate Microsoft Secure Score
  • Integrate Logs with your existing SIEM tool

The ADVANCED team utilizes these, and additional best practices, to ensure our clients are securely implementing O365 and other cloud solutions.

We are here to help.
If your O365 is secure enough, then keep up the excellent work, if you are unsure, contact us.   

Protect Your Business:  Sign Up to Receive Cyber Security Tips and Insights.