5 Easy Steps to Protect your Microsoft Office 365 Tenant

5 Easy Steps to Protect your Microsoft Office 365 Tenant

In this post we will describe 5 simple steps that every company that uses Microsoft Office 365 should take in order to increase the security of their environment.

1. Activate Multi-Factor Authentication

As we described in the article Prevent Phishing Attacks in Office 365, multi-factor authentication, also called two-step verification, is one of the simplest and most effective ways to increase the security of your Microsoft Office 365 platform.

By sending a verification code to a mobile phone before accessing Microsoft 365, the access by an attacker who has stolen a password is prevented.

Microsoft 365 administrators can activate two-step verification in a simple way, as described in this video:

Source Microsoft https://support.office.com/article/e12187b8-216a-4490-9e3b-df34a06fb787

2. Use Dedicated Administrators Accounts

Admin accounts are very valuable targets for cyber criminals as they have elevated privileges on the Microsoft 365 platform. We recommend administrators to use a separate user account for normal, non-administrative use and that they only use their administrative account when necessary to complete administration tasks.

It is also important that all administrator accounts have multi-factor authentication configured.

In addition, we recommend to close session before and after accessing the Microsoft Office 365 administration portals, or to connect using the incognito mode of the browser.

3. Display Notification when Receiving Email from an External Address

Cyber criminals often pretend to be someone from within the company. An easy way to protect yourself in this case is to notify users when they receive an email from an external email address.

To do so, from the Exchange Online Administration, you should create a mail flow rule with the following criteria:

Condition: the sender is not from the organization

Action: display a notification like “this email comes from an external account, do not open links or attached documents unless you are sure about the content”

Once the rule is configured, when a user sees this notification, he will know that the sender is external, and if it is a suspicious email, they can discard or report it.
Email con aviso de seguridad

4. Block Suspicious Attachments in Emails

From the anti malware configuration of Microsoft Office 365 (https://protection.office.com/antimalware), we recommend modifying the policy established by default, and activate the filtering of attachments files in emails, by type of extension, as described in this video:

Source Microsoft https://support.office.com/article/02b5783a-eea0-42e8-8856-62440718c3f0

5. Block Auto-Forwarding Emails

Hackers who gain access to a user email account often configure their mailbox to automatically forward all email received. This allows them to continue receiving the emails of the attacked user, without using their account and without attracting attention.

To protect yourself against this method, you can create a rule that blocks automatic email forwarding.

To do this, from the Exchange Online administration, create a new transport rule (mail Flow) with the following characteristics, as described in the video:
Condition: if the message properties include message type = automatic forwarding
Action: Block the message, reject the message and include an explanation.

Source Microsoft https://support.microsoft.com/en-us/office/stop-auto-forwarding-emails-in-microsoft-365-f9d693ba-5c78-47c0-b156-8e461e062aa7

(Additional Step) Advanced Security

The security options in Microsoft Office 365 include many more functionalities than those described in this article, but they are more complex when it comes to implement them.

There are advanced protection tools, such as Office 365 ATP (Advanced Threat Protection) that they use AI algorithms to analyze suspicious links and documents, and even analyzes the content of the documents and the links they contain.

Many of these advanced protections are only included in less common Microsoft Office 365 plans, such as Microsoft 365 Business Premium and Office 365 E5. To know the options available in your tenant, you can visit the Microsoft 365 Security Center accessible from https://security.microsoft.com and the Office 365 Security and Compliance portal from https://protection.office.com

Conclusion – do not forget

The steps outlined here are easy to implement and should be applied to your Microsoft Office 365 tenant.

In addition to the actions described here, it is important to remember that the primary aspect of security is the human aspect. All users must have proper notions of security and should know the best practices.

For more information, do not hesitate to contact us:

    I agree to the Terms and Conditions described below

    The personal data that you provide by filling out this form will be processed by IXIT APLICACIONES INFORMATICAS SL as responsible for this website. The purpose of collecting and processing the requested personal data is to send information about the products and services offered by IXIT APLICACIONES INFORMATICAS SL. The legitimation is done through the consent of the interested party. You can exercise your rights of access, rectification, limitation and deletion of the data provided. For more information, please refer to our privacy policy.

    Next Post Previous Post