Mountain West Farm Bureau Insurance
light shining through trees representing illumination and problem solving by lunavi
BLOG
8
14
2019
9.30.2020

Top Priorities for Securing Office 365

No items found.

Migrating e-mail and productivity apps to the cloud is a no brainer. Continuous updates, access from anywhere, no need to manage the supporting servers and associated hardware…the benefits are clear. As with any IT outsourcing, however, careful planning around security measures is essential. And with your O365 environment exposed to the public internet, security best practices are even more important.

While securing Office 365 is an ongoing effort, there are several top priorities that should be first to be addressed after your migration.
 

Enable MFA

Multi-factor authentication is one of the best ways to add security to user identity and access methods. It is most crucial for administrator accounts, and it is probably not enabled by default. Your Azure Active Directory Global Administrators should have MFA turned on, requiring an additional confirmation via text or call to access their account, which holds the keys to your entire environment.
 

Consider Turning Off Password Sync

If you connect your on-premises Active Directory to the cloud via Azure AD Connect, you can enable password sync. The on-premises credentials then overwrite the Azure passwords. Any successful attack (such as phishing or other social engineering vectors) on-prem could then be used to access your entire cloud environment. It is recommended that once you migrate to Azure AD, you perform all administration within the Azure portal and decom your on-prem AD if possible.
 

Get Your Auditing Set

Be sure to enable unified audit logging within the security center and also enable mailbox auditing for all users. This creates a trail that documents all user and admin activity within mailboxes, helping you keep tabs on IP addresses, host name, and the client used to access the mailbox. Since 2018, mailbox auditing has been turned on by default, but it is worth checking your settings.
 

Add O365 Rules to Warn Against Phishing

Within the Exchange Admin Center, you can create Mail Flow Rules that warn users against potential phishing attempts and also copy the offending email to your security team. You should consider anti-phishing protection as part of O365 Advanced Threat Protection. But you can also DIY some shielding by adding rules that identify incoming messages from outside the organization, but using names or aliases that belong to your employees. Another example would be emails containing URLs that link to suspicious storage, or when the message body contains a clickable image. You can block specific keywords that are common spam or phishing attacks as well as file extensions.
 

Enable Rights Management

If you upload and host sensitive information within your O365 environment – think about what all is in your Sharepoint documents – then Rights Management is one way to encrypt and control those documents. It only allows access to privileged users and even cancels access or editing capabilities after a specified time frame. You can still share and collaborate on files outside your organization, but with Rights Management you have more control over how they are shared and how far they can spread.

 

Office 365 and Azure offer a wide range of information security controls, auditing capabilities, and options to help you keep tabs on your cloud resources and company data. While priorities will shift for each individual organization, the above steps are some of the easiest and most important to take when configuring O365.

Recent Blog Posts

lunavi logo alternate white and yellow
Blog
9.30.2020
8
.
25
.
2020
Patch Automation Comparison: SCCM Orchestration Groups vs. Beekeeper

See how Beekeeper enables additional scheduling and validation functionality compared to Configuration Manager Orchestration Groups.

Learn more
lunavi logo alternate white and yellow
Blog
10.12.2020
8
.
20
.
2020
3 Reasons Ransomware Mitigation is Harder Than You Think

While dodging ransomware may seem as simple as restoring a backup, in practice a large-scale attack is a major mitigation undertaking.

Learn more
lunavi logo alternate white and yellow
Blog
10.5.2020
7
.
29
.
2020
How to Migrate Azure AD Connect to a New Server Within the Same Forest

Senior Technical Consultant Saeed Sheikh describes how to migrate your Azure AD Connect sync from a server you wish to decommission while maintaining settings and the user experience.

Learn more