In the first four months of 2024, almost 36 billion records were breached worldwide. That’s nearly 9 billion records per month, and that’s just from known data breaches.
Cyber actors are on the offensive, but thankfully innovative cyber defence solutions are on the rise.
The American tech giant, Microsoft, for instance, has been making significant strides to put security at the forefront of its priorities. It aims to ensure its products, such as Microsoft 365, are resilient against the evolving landscape of cyber threats.
While many businesses use Microsoft 365 daily, many are underutilising it by not leveraging its security capabilities, which is what we’ll dive into in this article.
How Businesses can Thrive with Microsoft 365
Formerly called Office 365, Microsoft 365 is a comprehensive, cloud-based productivity platform that can be installed on PCs, tablets, and phones. It includes familiar apps such as Microsoft Teams, Word, Excel, PowerPoint, Outlook, and OneDrive.
Australia is currently the third largest user of Microsoft 365 in the world, after the US and the UK. Many Australian businesses rely on it for several reasons:
- Real-time collaboration, document sharing, and communication
- Enhanced security features to protect against cyber threats
- Scalable to your business size and requirements
- Automatic updates, so you always have the latest software versions
- Work from anywhere and on any device, fostering a flexible work environment
We wrote a comprehensive eBook about How Businesses can Utilise Microsoft 365 to Grow. It dives into its most famous apps and provides some tangible examples you can apply to your own operations.
Taking Advantage of Microsoft 365’s Security Features
The range of built-in security features in Microsoft 365 is designed to protect your data and resources. Let’s dive into how you can implement them.
Multi-Factor Authentication (MFA)
MFA adds an extra layer of security to your Microsoft 365 account sign-in. After you enter your password, you will need to enter a code from an authenticator app or one sent to your phone.
Here’s how you can set up MFA in Microsoft 365:
- Sign in to the Microsoft 365 admin centre.
- Browse to Identity > Overview > Properties.
- Select Manage security defaults.
- Set Security defaults to Enabled.
- Select Save.
Conditional Access
This is Microsoft’s Zero Trust policy engine that takes signals from various sources into account when enforcing policy decisions. Zero Trust operates on the principle of “never trust, always verify.”
Conditional Access allows you to control from which devices or locations users can access your resources and specify what authentication methods are required to access them.
Authorised administrators can create and enforce conditional access policies through these steps:
- Sign in to the Microsoft Intune admin centre.
- Select Endpoint security > Conditional access > Create new policy.
- Provide a Name for your specific Conditional Access policy.
- Under Assignments, configure Users by selecting the specific users or groups that you want to target with the CA policy.
- Configure Target resources to specify apps and resources you want to protect.
- Set the Conditions under which the protected apps or services can be accessed.
- Under Access Controls, configure Grant to either block or grant access under certain conditions.
- Turn Enable policy to On.
- Select Create.
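The same kind of policy can be created from PowerShell, which makes it reviewable and repeatable. The script below is an added example, not part of the original article: it uses the Microsoft Graph PowerShell SDK, and the policy name, the choice of conditions and the `BreakGlassUserId` parameter (the object ID of an emergency-access account to exclude) are assumptions made for illustration. The policy is created in report-only mode so its effect can be reviewed in the sign-in logs before enforcement.

```powershell
# Added example. Requires the Microsoft.Graph.Identity.SignIns module.
param(
    # Assumption: object ID of an emergency-access ("break glass") account
    # that stays excluded so a misconfigured policy cannot lock out every admin.
    [Parameter(Mandatory)]
    [string]$BreakGlassUserId
)

Connect-MgGraph -Scopes 'Policy.Read.All',
                        'Policy.ReadWrite.ConditionalAccess',
                        'Application.Read.All'

# Security defaults and Conditional Access are alternative ways to require MFA.
# Check which one the tenant is using before adding a policy.
$defaults = Get-MgPolicyIdentitySecurityDefaultEnforcementPolicy
if ($defaults.IsEnabled) {
    Write-Warning 'Security defaults are enabled. Disable them before enforcing Conditional Access policies.'
}

# Policy body in the Microsoft Graph conditionalAccessPolicy shape.
$policy = @{
    displayName = 'EXAMPLE - Require MFA outside trusted locations'
    # Report-only: evaluated and logged at sign-in, but not enforced.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users          = @{
            includeUsers = @('All')
            excludeUsers = @($BreakGlassUserId)
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
        locations      = @{
            includeLocations = @('All')
            excludeLocations = @('AllTrusted')   # named locations marked as trusted
        }
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Once the report-only results look right, changing `state` to `enabled` enforces the policy.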
Threat Protection
Microsoft 365 offers two main threat protection tools:
Microsoft Defender for Office 365
This is a cloud-based email filtering service that helps protect against malware and viruses. It also provides protection against zero-day exploits, which target unknown software vulnerabilities and are therefore difficult to defend against.
Permitted staff can also use Microsoft Defender to do the following:
- Configure email authentication
- Configure protection policies
- Assign admin permissions
- Set priority accounts and user tags
- Configure user reported settings
- Block and allow entries
- Conduct attack simulation training
- Investigate and respond
Advanced Threat Analytics (ATA)
ATA is an on-premises system designed to protect against advanced targeted cyber-attacks and internal threats. Here are the steps to using it in Microsoft 365:
- Download ATA from the Microsoft Volume Licensing Service Centre or from MSDN.
- Log in to the computer on which you are installing the ATA Centre, as a user belonging to the local administrators group.
- Run Microsoft ATA Centre Setup.EXE with elevated privileges (Run as administrator) and follow the setup wizard.
- If Microsoft .NET Framework is not installed, you will be prompted to install it when you start installation. You may be prompted to reboot after .NET Framework installation.
- Configure the Centre: On the Configure the Centre page, enter the information based on your environment.
Data Loss Prevention (DLP)
DLP in Microsoft 365 helps you identify, monitor, and protect sensitive information across your organisation. DLP has a default policy but you can refine it to your needs.
There are various DLP configuration options, and these are the general steps for authorised personnel to set up a policy:
- Sign in to the Microsoft Purview compliance portal.
- Choose Data loss prevention > Policies > + Create policy.
- Select Custom from the Categories list and the Regulations list. Click Next.
- Fill in the policy Name and Description, then click Next.
- Select details, including where to apply the policy, policy settings, etc.
- After all details have been set up, choose Save.
- Select Next, then Run the policy in simulation mode.
- Then choose Next, Submit, then Done.
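The policy steps above can also be scripted with Security & Compliance PowerShell. The script below is an added example, not part of the original article: the policy and rule names, the chosen locations and the use of the built-in "Credit Card Number" sensitive information type are assumptions made for illustration. The policy is created in a test mode, which corresponds to running it in simulation before it blocks anything.

```powershell
# Added example. Requires the ExchangeOnlineManagement module.
Connect-IPPSSession

# Assumption: illustrative names, replace with your own.
$policyName = 'EXAMPLE - Payment card data'
$ruleName   = 'EXAMPLE - Card numbers shared outside the organisation'

# Create the policy in test mode: matches are recorded, nothing is blocked
# and users see no policy tips.
New-DlpCompliancePolicy -Name $policyName `
    -Comment 'Detects payment card numbers in mail and files (test mode).' `
    -ExchangeLocation All `
    -SharePointLocation All `
    -OneDriveLocation All `
    -Mode TestWithoutNotifications

# Rule: content containing at least one credit card number that is shared
# with people outside the organisation. BlockAccess only takes effect once
# the policy mode is switched to Enable.
New-DlpComplianceRule -Name $ruleName `
    -Policy $policyName `
    -ContentContainsSensitiveInformation @{ Name = 'Credit Card Number'; minCount = '1' } `
    -AccessScope NotInOrganization `
    -BlockAccess $true

# Confirm the policy exists and is still in test mode.
Get-DlpCompliancePolicy -Identity $policyName | Select-Object Name, Mode

# After reviewing the matches, enforce the policy:
# Set-DlpCompliancePolicy -Identity $policyName -Mode Enable
```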
Tools and Techniques for Monitoring Security in Microsoft 365
Microsoft 365 Monitoring can increase observability, minimise downtime, and ensure timely detection of cyber security incidents in Perth or anywhere else in Australia. You can leverage tools such as:
- Admin Centre Dashboards, to monitor the health of Microsoft services used in your organisation
- Microsoft Defender Portal, a unified security platform with tools and response workflows
- Microsoft Secure Score, a security analytics tool that measures your security posture
- Attack Simulator, which simulates various attack scenarios and provides mitigation recommendations
- Azure Advanced Threat Protection (Azure ATP), a cloud-based solution for detecting and investigating security incidents across networks, identifying suspicious user and device activity with learning-based analytics
- ATA Suspicious Activity Playbook, which guides administrators on how to investigate suspicious activities, with detailed explanations of different attack techniques
- Azure ATP Suspicious Activity Guide, to help you understand the suspicious activities that Azure ATP discovered in your network
Microsoft Security Best Practices for Data Backups
Managing data backup within Microsoft 365 must become a top priority in your cyber security strategy. We recommend the below data backup best practices:
- Define which applications and data you need to back up, prioritising critical data based on its importance to business continuity.
- Calculate the amount of data you need to protect, to help you plan your backup storage and schedule.
- Do your backups regularly to ensure that your data is always up-to-date.
- Follow the 3-2-1 backup rule: Have three copies of your data, stored on two different types of media, with one copy stored off-site.
- Set up retention policies to keep your data for a specific period.
- Enable versioning, which is useful for tracking changes and restoring previous versions.
- Ensure that your backup data is secure and encrypted.
- Use software that supports granular recovery, to enable you to restore individual items, not just entire databases or systems.
- Utilise automated backups, to ensure consistent and reliable data backup.
Staying Updated with Security Patches and Updates
Downloading and installing security patches and updates in Microsoft 365 is crucial to ensure the security of your infrastructure. These best practices can level up your security, compliance, performance, and reliability:
- Regular Monitoring: Stay aware of announcements, updates, and upcoming features.
- Use the Right Tools: Utilise tools like the Microsoft 365 Roadmap and the Microsoft 365 Message Centre to stay informed about what is happening.
- Automate Updates: Configure devices to get Office updates directly from the Office Content Delivery Network (CDN) on the internet.
- Use Configuration Manager: This can manage updates to Microsoft 365 apps using the Software Update management workflow.
- On-Premises Updates: Configure Microsoft 365 Apps to get updates automatically from a location on your network, such as a network share.
Fortify Your Business with Microsoft Security Best Practices
Remember, cyber threats are on the rise. However, what this article showed us is that it’s not just about the challenges; it’s about the opportunities that arise from them. Microsoft 365 stands as a testament to this, offering a suite of tools that not only enhance productivity but also fortify cyber defences.
By combining Inspired IT’s cyber security expertise with our deep knowledge of Microsoft 365, we can elevate your cyber defences. Let us customise your security implementations, empower your team and provide you with the support you require. Check out our Microsoft 365 services!