Microsoft 365 Top 5 Security Best Practices

According to Microsoft, using Multi-Factor Authentication reduces account compromise attacks within Microsoft 365 by 99.9%. Many companies know Multi-Factor Authentication is the right security solution, but what about other security measures?

Here are my top five security measures any company needs to take within Microsoft 365. I even made a downloadable infographic about it.

Security Awareness

I want to start by saying that security awareness could easily be number one. I wanted to create a technical top five, but I cannot miss out on security awareness as it is essential within any company.

Every employee needs to be able to identify a threat. Security awareness training helps employees recognize risks, so that they know how to handle a threat or who to contact.

Security Operations Center

One of the most significant benefits of having a Security Operations Center (SOC) is twenty-four seven monitoring. Hackers do not have a nine-to-five mentality, nor do they work only from Monday to Friday. Is there a follow-up on a security threat on a Saturday at ten PM, or do you have to wait for employees to complain on Monday that they cannot access their data due to ransomware? Monitoring your environment twenty-four seven is crucial within any company.

SPF, DKIM and DMARC

Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) are configurations that reduce the amount of incoming phishing e-mail delivered to the user's inbox. They are relatively easy to implement and do not come with additional costs. Since a lot of attacks use phishing, implementing SPF, DKIM, and DMARC is a must.
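
As an added example (not part of the original post), the following Python code audits SPF and DMARC TXT records for weak settings and compares a weak configuration with a hardened one. The records are constructed samples for the placeholder domain example.com, DKIM is left out, and the function names and finding texts are this example's own.

```python
# Constructed sample TXT records for the placeholder domain example.com.
WEAK = {"spf": "v=spf1 include:spf.protection.outlook.com ?all",
        "dmarc": "v=DMARC1; p=none; pct=50"}
HARDENED = {"spf": "v=spf1 include:spf.protection.outlook.com -all",
            "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"}
# SPF terms that cost a DNS lookup; RFC 7208 allows at most 10 per evaluation.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def audit_spf(record):
    terms = record.lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["SPF: record does not start with v=spf1"]
    findings = []
    # Strip the qualifier, then cut at ':', '/' or '=' to get the bare term name.
    names = [t.lstrip("+-~?").replace("/", ":").replace("=", ":").split(":")[0]
             for t in terms[1:]]
    # Only this record's own terms are counted; nested includes add more lookups.
    if sum(n in LOOKUP_TERMS for n in names) > 10:
        findings.append("SPF: more than 10 DNS lookups, evaluation ends in permerror")
    all_terms = [t for t, n in zip(terms[1:], names) if n == "all"]
    if not all_terms and "redirect" not in names:
        findings.append("SPF: no 'all' term, unlisted senders get a neutral result")
    elif all_terms and all_terms[0][0] in "+a":  # a bare 'all' defaults to '+'
        findings.append("SPF: +all authorizes every sender")
    elif all_terms and all_terms[0][0] == "?":
        findings.append("SPF: ?all is neutral, spoofed mail is not failed")
    return findings

def audit_dmarc(record):
    # Tags are 'key=value' pairs separated by ';'.
    tags = {k.strip().lower(): v.strip()
            for k, _, v in (p.partition("=") for p in record.split(";"))}
    if tags.get("v") != "DMARC1":
        return ["DMARC: record does not start with v=DMARC1"]
    findings = []
    if tags.get("p", "").lower() not in ("quarantine", "reject"):
        findings.append("DMARC: policy requests no action on failing mail")
    if tags.get("pct", "100") != "100":
        findings.append("DMARC: pct is not 100, policy covers only part of failing mail")
    if "rua" not in tags:
        findings.append("DMARC: no rua address, aggregate reports are not collected")
    return findings

def audit(records):
    return audit_spf(records["spf"]) + audit_dmarc(records["dmarc"])

if __name__ == "__main__":
    for name, records in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(records) or "no findings")
```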

Multi-Factor Authentication and Legacy Authentication

Multi-Factor Authentication and Legacy Authentication go hand in hand, since Legacy Authentication does not support Multi-Factor Authentication. So implementing Multi-Factor Authentication is not enough, as Legacy Authentication should be disabled as well.

According to Microsoft, more than 99 percent of password spray attacks use legacy authentication protocols, and using Multi-Factor Authentication reduces attacks within Microsoft Office 365 by 99.9%.

In combination with security awareness, Multi-Factor Authentication and disabling Legacy Authentication are a must within any Microsoft 365 environment.

Conclusion

There are many security measures a company can take. In my opinion, these are the five minimum Microsoft 365 security measures every company needs to take.
