Taking Control of Your Data Security with Microsoft
In recent years, Microsoft has taken great measures to increase security to help organizations better protect their data, identity and infrastructure. While there is much more security and protection available, many organizations are not taking control of their data security, leaving them exposed to threats, data breaches and fraud. From our experience, the lack of security enforcement isn’t due to a lack of interest for increasing security measures, but rather the lack of internal knowledge for managing and maintaining the security on data, platforms and infrastructure internally.
Internal vs External IT Security Management
Why? Well, I often use this analogy when drawing the line between in-house and external resources with clients. Most organizations hire in-house accountants to manage and maintain the daily accounting tasks that must be performed to maintain a business, but very few organizations hire in-house specialized tax accountants that keep up-to-date on all the minor changes in tax law and regulation that can save your business money. This depth of knowledge generally requires you to consult with an external specialized tax accountant to gain the know-how and leverage the benefits available if you are aware of it.
This is often the same reason clients work with external IT consultants, like Steeves and Associates, that have decades of experience implementing, managing and maintaining platforms, infrastructure and data security for enterprises, who also keep up-to-date with the latest security and protection updates to help you keep your organization’s confidential business data, infrastructure and identity secure.
My Microsoft Office 365 Secure Score
Ever wonder how secure your organization really is using Microsoft Office 365? The wonder is over, now you can use Microsoft Secure Score to understand how secure your organization really is based on your regular activities and security settings. Think of this as a credit score for your security.
It’s easy to access your secure score [https://securescore.office.com] for anyone that has admin permissions on your Microsoft Office 365 Business Premium or Enterprise subscription. In running your score, Microsoft will evaluate the Office 365 Services you are using as well as review your settings and activities, then compare it to a security best practices benchmark to reveal your score. Now that you have your score…let’s get into the Top 10 Security Enhancements you can make to secure your modern workplace.
Top 10 Security Enhancements for the Microsoft Modern Workplace
To help you get up to speed with some of the recent security enhancements rolled out by Microsoft, here is a list of the ‘Top 10 Security Enhancements’ released from Microsoft in Office 365, Windows 10 and Microsoft Azure that you should be leveraging today:
1) Office 365 – Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) is an advanced form of authentication that uses two or more methods to verify that you are who you say you are. It brings an increased level of security to user sign-ins and transactions.
As part of your Office 365 subscription, you’ll get access to a variety Azure Multi-Factor Authentication capabilities, including text message and phone call verifications. These options can be managed in the Office 365 Administration Center – review this Microsoft Support article for more information on how to set up MFA.
2) Office 365 – Cloud App Security
Office 365 Cloud App Security is the best way to stay on top of suspicious activity in Microsoft Office 365. Using policies that are defined for your organization, you can receive alerts when potentially problematic situations arise, see how your data is being accessed and used, and manage user accounts displaying suspicious activity.
To get started, log into your Office 365 account at https://protection.office.com and choose Alerts > Manage advanced alerts. Turn on 365 Cloud App Security, then choose “Go to Office 365 Cloud App Security”. This will give you access to the anomaly detection policies, alerts, activity logs, and more.
Note: if you are using Office 365 Enterprise E5, you already have access to Office 365 Cloud App Security. If you have a different Office 365 Enterprise subscription, it is available as an add-on. In the Office 365 Admin Center, choose Billing > Add Subscriptions or contact your Microsoft Cloud Solution Provider.
3) Office 365 – Exchange Online Protection
Office 365 keeps your email safe with Exchange Online Protection (EOP). EOP is a cloud-based email filtering service that keeps your organization protected against spam and malware. Here are some the key features of EOP:
- Anti-Spam Protection – Inbound and outbound spam protection are always enabled, so you don’t even have to think about it. Office 365’s Anti-Spam Protection uses both connection filtering and content filtering to keep your inbox and outbox as clean as possible.
- Advanced Threat Protection – Office 365 Advanced Threat Protection (ATP) works to protect you from attacks by scanning email attachments, scanning URLs in email messages and attachments, checking for unauthorized spoofing, and detecting when someone is trying to impersonate your users and custom domains.
- Anti-Malware Protection – Multiple anti-malware engines work to protect you at all times, by inspecting the body and attachments of every email. You can make customizations to suit your specific needs – for example, administrators have option to send a notification to the sender when malware is detected so they know they message has not been delivered
- Protection for Custom Domains – You can protect your custom domains in Office 365 by setting up SPF, DKIM, and then DMARC to validate mail sent by your organization and to help prevent spoofing.
4) Office 365 – Exchange Mailbox Audit Logging & Data Loss Prevention
Office 365 Exchange Mailbox Audit Logging and Data Loss Prevention (DLP) allows you to monitor and manage your users’ mailboxes. With mailbox audit logging, you can see who has logged in, sent messages, and performed other activities in your user mailboxes. Turn on mailbox audit logging in Office 365 by using Exchange Online PowerShell – see how here.
DLP allows you to prevent sensitive data from being communicated via email. It works across Office 365, so users can stay compliant without interrupting their workflow. You create and manage DLP policies on the Data loss prevention page in the Office 365 Security & Compliance Center.
5) Microsoft Azure – Operations Management Security & Audit Dashboard
Located with the Operations Management Suite portal, the Security and Audit Dashboard gives you a high-level, comprehensive view into the security of your resources. It lets you know instantly about security alerts and other vulnerabilities, so you can take action. It is your home screen for security on OMS. The dashboard is divided into four sections: Security Domains, Notable Issues, Detections, and Threat Intelligence, which can be viewed in any custom time frame, allowing you to easily see
6) Microsoft Azure – Azure Log Analytics
Azure Log Analytics helps you collect and analyze data generated by resources in your cloud and on-premises environments. It monitors these environments to maintain availability and performance. With a simple query, you can retrieve any performance or event data you want. The data can then be filtered, manipulated, and analyzed using powerful machine learning constructs. Log Analytics has pay-as-you-go pricing and is billed per GB, with the first 5 GB of data ingested each month offered free.
7) Microsoft Azure – Azure Monitor / Azure Advisor
Azure Monitor gives you detailed, up-to-the-minute performance and usage data, in an easy to understand dashboard. This means you can stay on top of operational issues – diagnosing and resolving them quickly. Azure Monitor also allows you to set alerts and automated actions to respond to issues before you are even impacted. Monitor is billed on a per-use basis, so you pay for what you need.
Azure Advisor, a personalized cloud consultant, takes it one step further. It analyzes your resource configuration and usage telemetry, and recommends ways to improve security, performance, high availability, and cost effectiveness of your Azure resources. The Advisor dashboard allows you to see your recommendations filtered by subscription and resource type. Advisor is billed monthly.
Both Azure Monitor and Azure Advisor can accessed and managed via the Azure portal.
8) Microsoft Azure – Application Vulnerability Scanning, Firewall, Penetration Testing, Authentication & Authorization
Nothing is more important than security in the cloud, which why I’m happy to report that Azure provides a wide array of configurable, customizable security options.
- Application Vulnerability Scanning – using the integration with Tinfoil Security allows you to perform vulnerability scanning with just one click. You can then view reports and see step-by-step instructions on how to fix each issue.
- Web Application Firewall – Azure’s web application firewall protects web apps from the web-based threats.
- Penetration Testing – Before deploying apps in Azure, you must first penetration test them. While you no longer need pre-approval to conduct a penetration test against Azure resources, you do need to fill out the Azure Service Penetration Testing Notification Form – check out the Rules of Engagement for more information.
- Authentication & Authorization – App Service Authentication/Authorization allows you to sign-in users and access data without having to write code in your app, API or mobile backend.
9) Windows 10 – Windows Defender Anti-Virus (AV) & Exploit Guard
Windows Defender Antivirus (AV) is built in to Windows 10 and offers virus, spyware and malware protection and removal, real-time, cloud-based protection, and free automatic updates. You can manage, deploy, and report on Windows Defender AV in a variety of way (see here for more information). Windows Defender Exploit Guard (EG) is a new set of host intrusion prevention capabilities to take your protection to the next level. It allows to you to manage and reduce the attack surface of apps used by people on your network. While it comes built-in with Windows 10, full EG features are only available with Windows 10 E5
10) Windows 10 – Windows Defender Advanced Threat Protection
Windows Defender Advanced Threat Protection is a new platform that helps networks prevent, detect, investigate, and respond to advanced threats. It is different from Microsoft’s free antivirus service because it uses next generation protection to detect threats that have made it past other defenses, allows users to investigate breaches, and offers suggested responses. To configure individual capabilities, go to the Windows Defender Security Center. Windows Defender Advanced Threat Protection requires a Microsoft 365 E5 subscription.
Discover More Ways to Protect Your Data, Infrastructure & Security
While we weren’t able to highlight all the security enhancements available in Office 365, Microsoft Azure and Windows 10, this is just the tip of the iceberg of how you can take back control of your security, infrastructure and identity, which all starts with prevention protection. If you have specific questions about how you can make your organization more secure, reach us to speak with a Senior Prevention & Data Security Consultant at firstname.lastname@example.org or 1 888 952 8800.
Author: Bruce Piper
Experienced Solutions Architect with a demonstrated history of working in the information technology industry. Skilled in Service Delivery, Enterprise Software, Messaging, and Enterprise Architecture. Piper has a Diploma of Technology focused in Electrical and Electronics Control Option from British Columbia Institute of Technology. In his time off, Piper enjoys traveling the world.