O365 Security Overview

Office 365 is a popular cloud-based productivity suite that offers many benefits for businesses of all sizes. These Top 5 Security Settings in O365 should help you get started on your path towards a more secure cloud. However, with great power comes great responsibility. As an O365 administrator, you need to ensure that your organization’s data and users are protected from cyber threats and unauthorized access. In this blog post, we will share with you the top 5 security settings in O365 that you should configure to enhance your security posture and reduce your risk exposure.

1. Enable multi-factor authentication (MFA). MFA is a simple but effective way to prevent account compromise by requiring users to provide an additional factor of authentication besides their password, such as a code sent to their phone or email, or a biometric verification. MFA can stop attackers from accessing your O365 account even if they have your password. You can enable MFA for all users or specific groups in the Azure Active Directory portal.

2. Set up conditional access policies. Conditional access policies allow you to control who can access what resources in O365 based on certain conditions, such as location, device, app, or risk level. For example, you can block access to O365 from untrusted locations or devices, or require MFA for high-risk sign-ins. You can create and manage conditional access policies in the Azure Active Directory portal.

3. Configure data loss prevention (DLP) policies. DLP policies help you prevent sensitive data from leaving your organization or being shared with unauthorized parties. You can define what types of data are sensitive, such as credit card numbers, social security numbers, or health records, and what actions are allowed or blocked when such data is detected in O365 apps, such as Outlook, SharePoint, OneDrive, or Teams. You can create and manage DLP policies in the Microsoft 365 compliance center.

4. Enable audit logging and alerts. Audit logging and alerts help you monitor and respond to suspicious or malicious activities in your O365 environment. You can view and search audit logs for various events, such as user sign-ins, file downloads, mailbox access, password changes, or admin actions. You can also set up alerts to notify you when certain events occur, such as a user logging in from an unusual location or a file containing sensitive data being shared externally. You can access audit logs and alerts in the Microsoft 365 security center.

5. Review and update your security settings regularly. Security is not a one-time task but an ongoing process. You should review and update your security settings regularly to keep up with the changing threat landscape and best practices. You can use the Microsoft Secure Score tool to assess your current security posture and get recommendations on how to improve it. You can also use the Microsoft Security Roadmap to plan and prioritize your security initiatives. You can access both tools in the Microsoft 365 security center.

These are some of the most important security settings in O365 that you should configure to protect your organization’s data and users. By following these steps, you can enhance your security posture and reduce your risk exposure in the cloud.

How to Avoid Ransomware

Ransomware is malware installed on your machine intended deny access to your critical files. Once you can’t access you documents, pictures, and music the attacker offers to release the files back to you for a fee. Sometimes the fee might be several hundred dollars, but for businesses the fee might be in the millions.

The attacker uses fairly standard attack methods to install software on your computer that scans your system for specific file types, then encrypts the files using a method that is usually not recoverable. Then the malware will present you with a key value to redeem for a decryption key. If you present your key and the appropriate fee, the cyber criminals provide you with a decryption key that makes you files available again. Usually. Sometimes you pay and they don’t respond or the key that is provided doesn’t work correctly.

There are some specific things you can do to make the risk much smaller of a successful attack on your computer, as well as ways to make the impact smaller so you might not have to pay the ransom. Some of these are easy for a non-technical user to tackle, but others are better suited for technical personnel at a business or government agency.

Inexpensive Ways to Reduce Ransomware Attack Success
  • Backup Your Important Data – If you have a backup of your data that hasn’t been encrypted, you probably won’t have to pay the attacker a fee. Depending on how often your data changes, you might be able to perform a weekly backup (there is a utility built into Windows 10, or you can buy a program that doesn’t a backup either to an external hard drive or the cloud). Keep backups separate from your computer so that a successful attack won’t have access to the backup files. If your files get encrypted, you can safely reload Windows 10 onto your computer and copy your files from the backup to the clean laptop.
  • Enable Microsoft DefenderMicrosoft Defender is included with Windows 10. It has some powerful feature to protect your computer from malicious attacks, but only if they are enabled and properly configured. Enable controlled folder access to prevent unauthorized applications from modifying protected files, turn on cloud-delivered protection and automatic sample submission for better protection, and enable tamper protection to prevent the protection from being disabled when you need it the most.  You should also enable the attack surface reduction rules in Defender, including rules that block ransomware activity and other activities associated with and attack.
  • Protect Systems – Don’t have anything directly on the internet that isn’t correctly hardened and patched to prevent an easy attack surface. If you don’t know how to properly configure a server or other infrastructure item, don’t guess because the hackers know what they are looking for when they stage an attack.
  • Use MFA – Enable Multi-Factor Authentication (MFA) when possible. Many online sites now allow you to enable this extra protection that requires you to know your standard account password as well as have possession of a specific device to successfully log into their systems. This can be really handy to prevent someone guessing your password and accessing your Facebook, Twitter, or O365 account from anywhere in the world.
  • Education – Educate yourself on how to detect and avoid phishing emails and potentially malicious websites.

Continue reading “How to Avoid Ransomware”

12 Cybersecurity Tips to Stay Secure on the Internet

The internet is a wonderful place full of free information, endless entertainment, and useful ways to communicate with you family and friends. There are also people that want to use that wonderous virtual environment to attack the cyber-weak and take what they have for their own profit. You see the news stories almost weekly, where another company has been breached and their customer data has been stolen, stores where companies have been attacked with ransomware and all their files are encrypted until they meet their attackers demands, or just average users bombarded with phishing emails or robocalls.

People don’t always know what they can do protect themselves, so I have collected 10 simple tips that will help guide the average user to a safer cybersecurity profile that will help protect their valuable systems and data from cybercriminals.

Basically speaking, when you want to secure a user, a family, or an entire company you have to first secure the perimeter, then secure the data that enters and exits through that perimeter. Just a few years ago that perimeter was much smaller and easily defined, but with todays services relying on the internet for almost all information like news, weather, movies, emails, file storage, gaming, etc. that perimeter is larger than ever before.

You need to think about how you use the services and systems that you have access to each day and determine what data you share has value, what processes are at a high risk, and how a malicious user might monetize your activity. One basic example is you may use your personal computer to access your bank to transfer money from checking to savings.  The risk is your computer may be compromised and that might allow a hacker to gain access to your bank account to transfer your money to their bank account. A hacker might just gain access to your password and is then able to use your email address and stolen password to log into your bank account from anywhere in the world to open new accounts to borrow massive amounts of money in your name. Continue reading “12 Cybersecurity Tips to Stay Secure on the Internet”

Multi-Factor Authentication (MFA) for Office 365

What is Multi-Factor Authentication

Multi-factor authentication (MFA) is basically an authentication method in which a computer user is granted access to computer systems only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user is). This is usually implemented by the user providing the traditional password along with another form of authentication, usually in the form of something they have. In most modern implementations this requirement is accomplished using a one-time code or authentication application the user has access to on their mobile device.

Using Multi-Factor Authentication

With O365 resources being available from anywhere in the world, it brings great opportunity for a business to operate without boundaries or time zones. As a business expands or business users travel they have unrestricted access to documents, data, and online services from everywhere on the planet. What cyber-security professionals know is that this flexibility also provides criminals the same access opportunities to steal your data from anywhere in the world.

Continue reading “Multi-Factor Authentication (MFA) for Office 365”

%d bloggers like this: