7 ways to optimize Office 365 security and configuration
Is your business utilizing Microsoft Office 365 to its fullest potential? While you may be dipping into the tried-and-true platform for emails and other standard functions, you may be overlooking security features essential to protecting your company’s and customers’ sensitive data.
Below are 7 key features of Office 365 that your business should be utilizing.
1. Multi-Factor Authentication (MFA) to prevent security breaches
Chances are, you’ve experienced the following scenario: You attempt to log into a platform using your username and password as usual. Next, you’re prompted to enter a code that has been sent to a separate device, like a cellphone or laptop. Now, you’re asked to answer a security question you established when initializing your account. In some cases, you may even be asked to scan your fingerprint.
There are many different forms of Multi-Factor Authentication, or MFA — which require two or more steps to verifying your identity when logging into an application, website or other platform — and Office 365 is equipped with them. While the MFA process may seem tedious and time-consuming, it’s an important step to avoid your login credentials being stolen and your account becoming compromised. According to Microsoft, almost 100% of security breach incidents could have been avoided by using MFA.
MFA provides layers of security that cannot be penetrated by hackers, unlike standard username and password verification. This is especially important for businesses with a remote workforce. With more employees working from home on personal devices and unprotected internet systems, hackers can more easily exploit security weak spots.
If an employee’s device is infected with malware at home — and any amount of time passes before your team recognizes the breach – hackers may infiltrate your business’s entire network. But with MFA, you can rest assured that your network is secure, even if you don’t have direct oversight of all your employee’s at-home systems.
More on Multi-Factor Authentication: 6 Reasons You Need Multi-Factor Authentication (MFA)
2. Litigation Holds to shore up your defenses
In the unfortunate event that your business is involved in a legal battle, you will likely be asked to provide electronically stored information (ESI) during the discovery phase. Depending on the nature of the court case, this ESI may include the contents of an employee’s mailbox. But what happens if that employee has deleted all of the contents in their mailbox?
A litigation hold prevents the automatic or accidental deletion of ESI from your network. Normally, when an item is deleted from a mailbox, it is sent to a recoverable items folder where it will remain for a “retention period” before being erased from the mailbox altogether and lost in space forever.
But by configuring a litigation hold, Office 365 will store the original and modified versions of that item, allowing you to access the document if you should ever need it. Even in the worst scenarios — let’s say a disgruntled employee deletes sensitive material before leaving your organization — litigation holds ensure that your data is protected.
3. Online Archives provide a simple way to store information
In addition to keeping electronically stored information for eDiscovery and litigation purposes, many businesses maintain online archives for compliance and regulatory purposes.
One of our favorite features of Office 365 is Exchange Online Archiving, which gives users a separate archiving mailbox that appears next to their primary inbox. This provides a simple way to save items, as employees can access the archive the same way they currently access other mailboxes. To add materials, users can simply drag and drop .pst files to the archive from their regular inbox, and can even access deleted materials.
More on this here: Archive features in Exchange Online Archiving
4. Added features to prevent data loss
Data loss prevention is crucial to the integrity of any business’s tech environment. Fortunately, Office 365 has built-in settings to block anyone at your office from sharing sensitive materials with unauthorized third parties. These settings include restricting sharing with approved emails only, automatically revoking access to shared links and limiting sharing permissions to only certain users.
But sensitive data being leaked is not the only security breach a business must proactively prevent. Equally troublesome is the accidental uploading of high-value data onto your server, which can present a problem even in the most robust security environments.
Fortunately, Office 365 provides several options to deal with data that is not appropriate for upload. Users can notify administrators, allowing them to investigate and act appropriately. Users can also block, quarantine, or permanently delete the file.
5. Easily integrate Calendly & Zoom
Office 365 allows users to integrate two Calendly and Zoom, making it easier than ever to schedule virtual meetings. Calendly simplifies scheduling by creating templates for different types of meetings, but combining it with Zoom creates even more benefits for users.
How many emails have you sent back and forth in hopes to nail down a client’s schedule to identify a workable meeting time? With Calendly and Zoom integration, users can publish their availability in real-time, allowing for efficient and convenient scheduling.
When you choose Zoom for your event location, the room is automatically created and details of the event are included in the invitations. Any changes made to the schedule are automatically reflected in the invitation, avoiding confusion and no-shows.
Integrating these platforms with Office 365 also allows you to set up team-wide meetings to control who hosts them and support regional dial-in numbers for users joining via phone.
Here’s a step-by-step: How to Integrate Zoom with Calendly for Automatic, No-Hassle Meetings
6. Azure Rights Management (Azure RMS) provides cloud-based protection
Office 365 makes use of Azure Rights Management (Azure RMS), a cloud-based protection technology. With Azure RMS, you can protect their files by encryption, authorization and identity policies. You can also set specific levels of protection for different files, such as making a document “read-only” for compliance or regulatory reasons.
The protection offered by Azure RMS works across multiple platforms, such as desktop computers, phones and tablets.
Dig deeper: What is Azure Rights Management?
7. DMARC and DKIM to safeguard emails
With phishing attempts on the rise and many employees working from home, it’s more important than ever to have the proper security around your emails.
Domain-based Message Authentication Reporting and Conformance (DMARC) is an email validating mechanism that tells recipients how to deal with emails that fail either SPF or DKIM verification. A DMARC record is a text entry within the DNS record that tells the world your email domain’s policy after checking SPF and DKIM status. It authenticates if either SPF, DKIM, or both pass.
DMARC allows you to see who and what is using your domain to send emails. It also makes your email easy to identify across DMARC-capable receivers and prevents unauthorized use of your email domain to prevent spam, phishing attempts and fraud.
DKIM (DomainKeys Identified Mail), on the other hand, is a standard for email authentication that proves the legitimacy of your email to whoever receives it. It does this by adding a digital signature to the header of your email which the receiver can then verify.
The benefit of DKIM is that it assures the receiver that the contents of the email have not been tampered with or changed while being sent. DKIM also makes emails from your domain less likely to be filtered to a spam folder, as it improves the reputation of your domain. Finally, DKIM is one of the email authentication methods for DMARC.
Both DMARC and DKIM bring a new level of security and integrity to your email communications.
Instructions: How to Enable DKIM and DMARC for Office 365
Want to optimize your Office 365 system but don’t know where to start? No worries, that’s why the Attentus team is here.
Book a call with us today to get started.