How To Secure Office 365

​When operating your business in the Cloud with Office 365 you are inherently safer from attacks with less to manage, the most basic security is dealt with, and you are much more scalable. This doesn't mean, however, that attackers haven't figured out ways to take advantage of your employees. Most breaches start with an email and getting someone to take action from your organization. This could be a fake sign-in page, instructions from your "CEO", or just a fake invoice to be paid. The items outlined below are our recommendations for a small business. Large enterprise, government, or companies that deal with confidential data would not be part of this baseline security configuration.

1. Secure your inbox
2. Manage user sign-ins
3. Enable conditional access policies

1. Secure your inbox

RyanTech has a long history of migrating organizations to the cloud and when we do so, we implement our 25 step proprietary onboarding procedure. This involves specific mailbox configuration that we've found to be a great combination of security and usability. The goal is to stop incoming threats to your inbox.

Ensure mailbox spam filter settings are increased from the out of the box settings that come with Office 365 and that you are adding rules to deny emails that are obviously scams. With a few extra Office 365 licenses available, there are significant measures and meters available to stop spam.

2. Manage user sign-ins

Part 2 of securing Office 365 involves having some kind of SIEM (Security Information and Event Management) in place to monitor who is coming in and leaving your Cloud infrastructure. For a simple to use SIEM, we built Cloud Protect, which requires zero setup on your end. Read more about it here.

Azure Active Directory provides some basic sign-in activity in the Azure portal, but offers horrendous alerting with no specifics, so we recommend something more robust. Adding MFA on user accounts or at least admin accounts is an easy item here to limit unwanted access. Although, be warned that it's not the end all be all for preventing breaches.

3. Conditional access

Think of conditional access as basic rules against users signing in. If you don't meet the rules, then you can't sign in. If your company has an office, you can add your office IP as safe and all other IP's as requiring MFA. This will allow you to maximize convenience with security. In addition, if you don't operate in other countries then it's usually a good idea to block those as well.

This isn't a comprehensive list of everything you could do to secure Office 365, however, we do provide consultations and risk assessments to any company looking to find their weaknesses in infrastructure. We are available by live chat or by sending a message here.