The 5 Most Important Office 365 Security Features You Need to Enable Immediately
Office 365 is now the most used enterprise cloud service. In fact, 81% of organizations globally are using cloud services, 56% of which are using Office 365. With so many organizations using the cloud, data security is the number one concern. This concern is also the main issue holding back total cloud adoption worldwide.
To address this, Microsoft has provided several built in security features for Office 365. In this article we discuss the 5 most important Office 365 security features for keeping your sensitive company data safe.
1. Office 365 Message Encryption
Office 365 Message Encryption allows you to send and receive emails securely. This stops an attacker from reading or modifying emails that are sent or received. Without encryption, emails are sent as plain text. If they are intercepted by an attacker, there is nothing stopping the attacker from reading or modifying the contents before it gets to the recipient.
With encryption, the entire message is converted into scrambled cipher text which needs to be deciphered before it can be converted back to readable text. Only the intended recipient, who should have the decryption key, can decipher the message. For any organization with sensitive company or customer data, this is an essential security feature to use.
2. Multi-factor Authentication
Multi-factor authentication (MFA) stops the unauthorized access of Office 365 accounts. It does this by requiring more than one verification method for logging in. These verification methods are the typical username and password, along with one or more of the following:
- Pass Codes – Randomly generated and sent to the mobile phone of the user as a SMS message, or generated in an app.
- Phone Calls – A call is made to the phone number registered to the user. A passcode is provided on the call which the user uses to gain access.
- Smart Cards – These can be virtual or physical. The card is inserted into a card reader, after which the user is asked to enter a PIN code.
- Biometrics – Scans the fingerprint or iris of the user in order to provide authentication.
This feature adds a strong layer to user authentication because an attacker would need access to not just the user’s login and password, but also one of the other verification methods.
3. Data Loss Prevention
Data Loss Prevention (DLP) prevents sensitive company information from leaking outside the organization. One of the biggest security issues businesses must deal with is data breaches by employees. Office 365 DLP can identify and protect sensitive data located in Exchange Online Mailboxes, OneDrive, or SharePoint.
DLP is implemented by defining policies and rules within Office 365 to handle sensitive content. If DLP finds that content designated as sensitive is being shared, it uses the rules defined in the policy to decide whether to restrict access, send an alert, or do nothing at all. This feature is critical for organizations who need to meet compliance requirements and allows them to protect sensitive information without sacrificing productivity.
4. Mobile Device Management
Mobile Device Management (MDM) enables an organization to secure and manage the mobile devices provided to Office 365 users. These can be smart phones, laptop computers, and tablets. With MDM organizations can:
- Keep devices updated with latest security updates.
- Remotely wipe data in case the device is lost or stolen.
- Enforce passwords and passcode rules to secure devices.
- Block access to sensitive company documents.
- Encrypt all data on the device to guard against data leaks.
These capabilities are implemented through the creation of policies within Office 365. With these policies the organization can tightly monitor, control, and enforce security rules on all mobile devices. For organizations who provide mobile devices to Office 365 users this is a very important feature.
5. Advanced Threat Protection
Advanced Threat Protection (ATP) provides an extra layer of security against malicious attacks. Business email compromise is on the rise, and posing a big problem because of how difficult it is to detect. ATP helps organizations identify and guard against these threats by:
- Scanning email attachments for malware.
- Verifying web links in emails and attachments to ensure they are safe.
- Checking email addresses to detect email address spoofing.
- Scanning files in SharePoint, OneDrive and Microsoft Teams for malware.
- Analyzing incoming email messages for phishing attacks.
ATP is also implemented using policies. When a threat is identified an action is taken based on the rules the organization has set up to handle each scenario. This feature is essential for organizations who want to take a pro-active approach to stopping potential threats.
With the widespread adoption of cloud services such as Office 365, IT security becomes even more important than ever before. While there may be a risk, by implementing the many built in security features of Office 365, that risk can be mitigated.
At Outsource IT we believe that there is no such thing as too much protection. The more measures an organization takes to ensure their data is safe, the less vulnerable that organization will be to potential attacks. Ask your Outsource IT Account Manager about solutions to even further secure your organization’s Office 365 accounts.