MICROSOFT 365: Are your security best practices up to scratch?

There is no doubt that Microsoft 365 gives your organisation the boost it needs when it comes to workplace productivity and operational acumen, but are you really doing your part to ensure your organisation remains protected? As a user, there is a certain level of responsibility that lay at your feet to guarantee your organisation gets the most benefit from the full array of security features that Microsoft 365 has to offer. So, what are 4 Microsoft 365 security best practices that you should have in place?

Conditional Access Configuration

Security is a growing issue for a lot of businesses, but there is a way that you can continue to successfully close the channels of access to cybercriminals and that is through configuring conditional access. Chances are that you may have noticed suspect remote logins at some point, especially with the increase in remote work. By NOT configuring conditional access policies, your organisation will remain at risk and these security breach attempts could increase.

Conditional access gives administrators the ability to designate controls for certain applications, actions, and authentication procedures. Having clearly defined access policies and the necessary enforcement of such controls ensures that your organisation is blanketed with an additional layer of security to protect your critical data and application access.

Use Mobile Device Management (MDM) & Mobile Application Management (MAM)

Organisations should be going beyond simple endpoint wiping in the event of device theft or loss. While this may be suitable for personal users, an increase in users, endpoints, data, and applications makes this a less than desirable approach for growing businesses. However, with Microsoft Intune, you can retain more control over your endpoint devices by allowing or denying access to applications and corporate data on an individual basis. Intune also lets you update and deploy policies to endpoints which can then be accessed by users by logging in to their work accounts.

Turn on OneDrive Folder Protection

Backups are obviously a smart way to guarantee your sensitive data is accessible and protected at all times, but by turning on OneDrive Folder Protection, you can backup individual user’s desktop and document folders to the Cloud. With a Cloud backup, any VPN tunnelling and latency problems resulting from poor connectivity are removed. There is also the added benefit that OneDrive keeps 100 versions of each file, so if a device becomes infected, it is easier to get back to business faster as the versions can be rolled back, and the device reimaged.

Use Role-Based Access Control

Role designation in Microsoft 365 should be standard practice, but you may be misusing the function. Not all employees require access to all data because their positions and tasks are not the same. Consequently, you should be designating specific roles based on which tasks an employee needs to complete or which data they need to access in their role. The biggest mistake you could make is by giving the same access to everyone in the company, such as the Global Admin role.

Global Admin allows users reasonably unhindered access to most management features and data across Microsoft online services. This could result in large-scale security breaches if an endpoint device is infiltrated. So, to protect your company and the critical data you have, you should review what access each user actually needs and assign a role based on their specific needs. Therefore, should a device experience a breach, the role enabled restrictions will prevent the attack from rippling through all devices, applications, and systems.

Best practices offer the best protection

Keeping your organisation safe online is a collaborative effort between the inbuilt security features that Microsoft offers and your own best practices. By engaging the security best practices listed above, you can be assured that you are doing everything you can to thwart security breaches which could end up costing your company more than just money. At INTELLIWORX, we have the expertise you need to assess your security preparedness and practices to make sure your organisation retains a high level of online security. Give the team a call today to see what they can do for you.

Shane Maher

Shane Maher is the Managing Director at Intelliworx, responsible for providing overall business direction and supporting businesses in their digital transformation journey. Shane specialises in empowering businesses by providing comprehensive IT support and developing cutting-edge infrastructure solutions. His expertise lies in guiding MSPs through the transition to cloud services, leveraging the power of cloud technologies to enhance business operations. Shane's passion for supporting businesses' IT infrastructure and his extensive knowledge in cloud computing make him a valuable asset in driving successful digital transformations. With his wealth of knowledge and experience, he is committed to driving IT success for clients and helping them navigate the evolving technological landscape.

MANAGED IT

IT Support

Managed Network

Managed Endpoints

MICROSOFT

Microsoft 365

Azure Virtual Desktop

Azure

Modern Workplace

Copilot AI

Microsoft 365 Backup

CYBERSECURITY

Security Operation Centre

Secure Access Service Edge

Business Continuity & Disaster Recovery

Patch management as a Service

CLOUD CONSULTING

Cloud Migration

Cloud Security

Cloud Optimisation

IT CONSULTING

Digital Transformation

Change Management

Project Management

INDUSTRY OVERVIEW

NON-FOR-PROFIT

FINANCIAL SERVICES

PROFESSIONAL SERVICES