An organisation’s Microsoft 365 tenant is susceptible to many external and insider threats when not properly configured. At every level of licensing there are at least some level of security controls that could be implemented to reduce the risk of attack.
These necessary security controls can be broken down into 6 categories:
- Account Protection & Authentication: including controls only allowing legitimate sign-in activity (for example MFA, geo-block, SSO, self-service password reset) as well as anomaly detection to determine risky sign-ins and at-risk users.
- Application Permissions: which prevents users from integrating third-party applications, installing add-ins, and creating other connections to your Microsoft tenant that should not be allowed.
- Data Management & Storage: which enforces Data Loss Prevention, data classification, and limits external sharing on sensitive company data where appropriate.
- Email Security: to prevent phishing, spam, and malware from being delivered to end users, as well as blocking malicious links from being opened.
- Alerting & Auditing: which provides notifications and reports to administrators of malicious & suspicious events observed across the tenant that could lead to security incidents.
- Mobile Device Management: to ensure that company data access on mobile devices and laptops are always secured and monitored when outside of the organisation.
If you are unsure that your organisation covers these controls, or you want to implement these controls, get in contact with Brace168!