Microsoft 365 Advisory Notice
Microsoft 365 allows you the freedom to access your emails and files from anywhere, and on any device. Unfortunately, this also allows an attacker to gain access to all your data with just your username and password.
We have seen a significant increase in phishing/identity compromise attacks and have created a set of best practice security recommendations that we are encouraging clients to adopt to protect from data breach.
Considering the increased volume of attacks and the risks associated to them, we strongly recommend that customers adopt our minimum baseline security standards.
To speak to an IT Expert about our Security Recommendations
Call today on 020 7307 5008
Baseline Security
This is the minimum security provision that we recommend:
Windows 10
Since January 14, 2020, Microsoft no longer provides security updates or support for PCs running Windows 7 Windows 10 has several significant security enhancements and is required for the majority of the advanced security features and functionality
Anti-Virus
An anti-virus that is centrally managed and can report on the status of individual PCs or laptops. Windows 10 includes Defender which is our preferred supported anti-virus technology
Enhanced Email Filtering/Protection Service
We require an enhanced email filtering/protection service that scans URLs and attachments within emails for malicious links and looks for the common signs of impersonation. This can be from Microsoft – Advanced Threat Protection (ATP) or from a third-party such as Mimecast or Symantec
Multi-factor Authentication (MFA)
Multi-factor Authentication requires you to type a code from your phone or accept a notification to get access to Microsoft 365. This can prevent hackers from taking over if they know your password Further granular settings for MFA can be achieved using Conditional Access (an element of Enhanced Security)
Enhanced Security
We recommend an enhanced security service for all organisations that handle sensitive, confidential information, or have regulatory compliance requirements. This is a combination of Baseline Security, plus:
Conditional Access
Conditional Access allows granular access to corporate resources based on ‘If/Then’ statements which can be based on user/device/location, or application. Depending on the result of the conditions, only enrolled users/devices/locations can be allowed access Microsoft 365 accounts without an MFA challenge
Identity Protection
Identifying and detecting vulnerabilities and risky account actions, investigating and reporting on high risk events, and setting Conditional Access policies for actions resulting on detecting high risk-based activity
Automation, Investigation, Remediation and Education
Tracking and exploring real-time threats, automated investigation and reporting of breach, attack simulation
Additional Application Protection
This allows checks and automated actions for users accessing specific corporate applications. It is possible to check that a device accessing these applications meets the specified requirements and based on this, block access, warn the user or wipe the company data in the application
Single Sign-on (SSO)
Single Sign-on allows users to sign in once with one account to access company resources, software as a service (SaaS) applications (such as Salesforce, accounting systems, etc.), and web applications. After signing in, the user can launch the applications whilst securely authenticated with Microsoft 365
Enhanced Management
We are also able to offer a range of Enhanced Management services, building upon the functionality of Enhanced Security. We would wish to further discuss your requirements and tailor the provision to meet your specific requirements. This can include elements such as:
- Automatic Software Deployment and Management
- Inventory and Asset Management
- Mobile Device Management
- Advanced Security Monitoring and Threat Prevention
We are working closely with Microsoft to identify new ways to help you stay secure, and we are developing a roadmap of recommendations which we will be sharing with you regularly to ensure that you are kept abreast of best practice as the security landscape evolves.
Find out more about our security recommendations.
Call today on 020 7307 5008