Microsoft 365 Security
Microsoft is paving the way for baseline security when it comes to email and productivity applications. From Advanced Threat Protection (ATP) to Multi-Factor Authentication (MFA) to Ransomware Prevention, these security features are essential for any modern business. Read on to learn more about the critical security features your business should implement.
Multi-Factor Authentication (MFA)
Multi-factor authentication for Microsoft 365 is a free and easy tool that requires two or more forms of identity verification when signing into an account or application. Users are prompted to enter a code after their password when signing in. Users will need to set up MFA on their devices – the easiest being via Microsoft’s Authenticator App.
Organizations with Microsoft 365 Business Premium can take MFA one step further with advanced features and settings.
The admin accounts for your Microsoft 365 environment are valuable targets for attack. These accounts should have MFA enabled and should only be used when making administrative changes. Business leaders who have access to these accounts should always sign out after each use and should have a separate email account for day-to-day tasks. Admin account passwords should only be shared with executives who will be making global changes and your trusted IT team.
By default, M365 email accounts have limited protections against malware. However, additional protection settings can be enabled. Many organizations block attachment file types that are known to contain malware. Anti-malware scan engines work to scan incoming email messages for known viruses, spyware, and ransomware. If an email is deemed dangerous, the attachment is quarantined and can only be released by an admin.
Ransomware is the latest buzzword in technology security. This type of malware locks devices and encrypts data, only to release it once a “ransom” has been paid. In M365, rules can be set up to warn users not to open specific file types that are commonly laced with ransomware.
Stop Email Auto-Forwarding
When a cybercriminal gains access to someone’s email, they can configure the mailbox to automatically forward email without the user’s knowledge. Luckily, Microsoft makes it easy to prevent this from happening by creating mail transport rules preventing email auto-forwarding.
When a message is encrypted, the data is scrambled so that only those who possess the key (the intended recipients) can read the message. Emails containing secure or sensitive data should be sent encrypted. With Microsoft 365 your team can send encrypted messages both internally and externally. To send an encrypted message you can either select the encryption options in the permissions, or your organization may configure a way to label emails with key words automatically encrypting the message. When the recipient receives your message, they will receive a note letting them know the message is encrypted and they may need to log in to view it.
Phishing is a virtual attack where cybercriminals try to steal personal information by appearing as legit, credible senders. With Microsoft 365, your organization can set up anti-phishing protection. These features will use spoof intelligence to review messages from senders and block specific domains when they are known threats. Machine learning works to identify potential threats and help stop users from even receiving messages that could be fake.
ATP Safe Attachments
Attachments are commonly shared via email. Because of this, it is easy for cybercriminals to send malicious documents, presentations, PDF files, spreadsheets, and more, sometimes making it difficult to decipher if the attachment is legitimate. Machine learning can help protect you from these dangerous documents by scanning the files and preventing users from opening anything deemed dangerous.
ATP Safe Links
Sometimes malicious information is hidden in a website link within an email. Similar to ATP Safe Attachments, ATP Safe Links uses machine learning to identify potentially harmful links within email messages. These emails are then flagged and cannot be opened by users.
Our team would love to talk more about security best practices and how Microsoft 365 can benefit your organization.
Book a FREE phone call with one of our Technical Account Managers today!