According to Microsoft, using Multi-Factor Authentication reduces 99,9% of account compromise attacks within Microsoft 365. Many companies know Multi-Factor Authentication is the right security solution, but what about other security measures?
Here are my top five security measures any company needs to take within Microsoft 365. I even made a downloadable infographic about it.
I want to start by saying that security awareness could easily be number one. I wanted to create a technical top five, but I can not miss out on security awareness as it is essential within any company.
Any given employee needs to be able to identify a threat. Security awareness training helps raise employees’ awareness to identify risks, and the employee then knows what to do when it comes to handling the threat or who to contact.
Security Operations Center
One of the most significant benefits of having a Security Operations Center (SOC) is twenty-four seven monitoring. Hackers do not have a nine to five mentality nor work from Monday till Friday. Is there a follow-up on a security threat on a Saturday at ten PM, or do you have to wait for employees to complain on Monday that they can not access their data due to ransomware? Monitoring your environment twenty-four seven is crucial within any company.
SPF, DKIM and DMARC
Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) are configurations to lower incoming phishing e-mail delivered in the inbox of the user. It is relatively easy to implement and does not come with additional costs. Since a lot of attacks use phishing, implementing SPF, DKIM, and DMARC is a must.
Multi-Factor Authentication and Legacy Authentication
Multi-Factor Authentication and Legacy Authentication go hand in hand since Legacy Authentication does not support Multi-Factor Authentication. So implementing Multi-Factor Authentication is not enough as Legacy Authentication should be disabled as well.
According to Microsoft, more than 99 percent of password spray attacks use legacy authentication protocols, and using Multi-Factor Authentication reduces 99,9% of the attacks within Microsoft Office 365.
In combination with secure awareness, Multi-Factor Authentication and disabling Legacy Authentication is a must within any Microsoft 365 environment.
There are many security measures a company can take. In my opinion, these are the five minimum Microsoft 365 security measures every company needs to take.