The landscape of work is continuously changing, and Microsoft 365 is spearheading the transformation in…
MICROSOFT 365: Are your security best practices up to scratch?
There is no doubt that Microsoft 365 gives your organisation the boost it needs when it comes to workplace productivity and operational acumen, but are you really doing your part to ensure your organisation remains protected? As a user, there is a certain level of responsibility that lay at your feet to guarantee your organisation gets the most benefit from the full array of security features that Microsoft 365 has to offer. So, what are 4 Microsoft 365 security best practices that you should have in place?
Conditional Access Configuration
Security is a growing issue for a lot of businesses, but there is a way that you can continue to successfully close the channels of access to cybercriminals and that is through configuring conditional access. Chances are that you may have noticed suspect remote logins at some point, especially with the increase in remote work. By NOT configuring conditional access policies, your organisation will remain at risk and these security breach attempts could increase.
Conditional access gives administrators the ability to designate controls for certain applications, actions, and authentication procedures. Having clearly defined access policies and the necessary enforcement of such controls ensures that your organisation is blanketed with an additional layer of security to protect your critical data and application access.
Use Mobile Device Management (MDM) & Mobile Application Management (MAM)
Organisations should be going beyond simple endpoint wiping in the event of device theft or loss. While this may be suitable for personal users, an increase in users, endpoints, data, and applications makes this a less than desirable approach for growing businesses. However, with Microsoft Intune, you can retain more control over your endpoint devices by allowing or denying access to applications and corporate data on an individual basis. Intune also lets you update and deploy policies to endpoints which can then be accessed by users by logging in to their work accounts.
Turn on OneDrive Folder Protection
Backups are obviously a smart way to guarantee your sensitive data is accessible and protected at all times, but by turning on OneDrive Folder Protection, you can backup individual user’s desktop and document folders to the Cloud. With a Cloud backup, any VPN tunnelling and latency problems resulting from poor connectivity are removed. There is also the added benefit that OneDrive keeps 100 versions of each file, so if a device becomes infected, it is easier to get back to business faster as the versions can be rolled back, and the device reimaged.
Use Role-Based Access Control
Role designation in Microsoft 365 should be standard practice, but you may be misusing the function. Not all employees require access to all data because their positions and tasks are not the same. Consequently, you should be designating specific roles based on which tasks an employee needs to complete or which data they need to access in their role. The biggest mistake you could make is by giving the same access to everyone in the company, such as the Global Admin role.
Global Admin allows users reasonably unhindered access to most management features and data across Microsoft online services. This could result in large-scale security breaches if an endpoint device is infiltrated. So, to protect your company and the critical data you have, you should review what access each user actually needs and assign a role based on their specific needs. Therefore, should a device experience a breach, the role enabled restrictions will prevent the attack from rippling through all devices, applications, and systems.
Best practices offer the best protection
Keeping your organisation safe online is a collaborative effort between the inbuilt security features that Microsoft offers and your own best practices. By engaging the security best practices listed above, you can be assured that you are doing everything you can to thwart security breaches which could end up costing your company more than just money. At INTELLIWORX, we have the expertise you need to assess your security preparedness and practices to make sure your organisation retains a high level of online security. Give the team a call today to see what they can do for you.
This Post Has One Comment
“There is also the added benefit that OneDrive keeps 100 versions of each file” – do you mean it keeps the last 100 changes you made to a document?