Before the pandemic, many businesses took measured steps to transition to cloud technology. The global pandemic forced many companies to make rapid changes to allow their employees to work from home. Although there were security implications associated with such drastic measures, it has resulted in massive gains in cybersecurity.
The cloud has revolutionised the way businesses store and manage data. Thanks to major vendors investing in top-tier security measures, businesses of all sizes can rely on a high level of protection for their confidential information, along with regular updates as more features are added daily.
Despite the advances in cybersecurity technology, businesses still experience security breaches. Often, these breaches can be avoided when the right policies and configurations are in place.
To ensure your business is adequately protected without breaking the bank, let’s look at a few simple yet effective measures that are included with Microsoft 365.
Use Microsoft 365 Business Premium
All Microsoft 365 plans include security features, but Premium provides far more features specifically designed for business environments.
Use Multi-Factor Authentication (MFA)
When every user is authenticated correctly, the risk of security breaches drastically decreases. Furthermore, this powerful security feature can be executed speedily, taking a few minutes per account.
The two most secure MFA methods include the Security key method (which involves using a separate security key that you can insert into a PC or mobile device to authenticate the login) and the use of an authentication app. If you use voice and SMS-based MFA please do so with caution. SMS and Voice MFA do not use encryption, making it easy for hackers to intercept them.
Admin Account Protection
No user should have admin rights on their primary account because even admins can make mistakes when checking email or casually browsing. Users should only have the access they need for the time they need it. Implement a limited access policy to cut the chances of any violations.
Disable Anonymous Sharing
Anonymous sharing is enabled by default, allowing you to share documents with anyone. Meaning, a document could accidentally get sent to the wrong person. By disabling this feature, you will have more control over where your business data is shared.
Monitor SharePoint for Changes and Access Events
SharePoint is a practical way to keep your team informed. You can receive alerts for suspicious activity and notifications when someone deletes more than five files or copies a large amount of data. This can help prevent data loss accidents as well as malicious acts.
Implement Device Policies and Management
Your workforce may use various devices to carry out tasks. Each device is a potential path into your protected environment, so it is essential to have strong policies in place. You can create policies that require complex passwords and insist that Windows updates are performed promptly. Endpoints are now the most prominent threat, so use the free device protection in your Microsoft Business Premium subscription to boost security.
Block Client Forwarding Rules
Enabling email forwarding might breach your workplace policies and also put your business at risk. Suppose a hacker managed to gain access to an account, they could forward emails to an address of their choice, allowing them access to leak sensitive business information and wreak havoc.
Data Loss Prevention (DLP) Policies
In Microsoft 365 Business Premium, you can designate rules around your data, such as restricting certain document types from being emailed. You can use these rules to prevent sensitive information, such as credit cards, Medicare, and licence numbers, from being emailed, cutting a critical risk. If your business must share sensitive data, we recommend uploading documents to a secure file storage platform such as OneDrive or Google Drive and then generating a secure link to share with relevant individuals/teams.
Improve Your Microsoft Secure Score
Microsoft 365 includes a handy tool that evaluates your security posture and provides a score based on system configurations, user behaviour, and other measurements. In addition, the tool offers you a prioritised list of recommendations to support you in raising your security level.
Backup Your Cloud Data
A common misconception is that someone, somewhere, is backing everything up for you in the cloud, but that isn’t entirely true. Understand what your data loss acceptance level looks like and find a data backup solution you are satisfied with.
Training
Regarding cybersecurity, it is no surprise that human error is the most common cause of security breaches. Regardless of all the possible precautions you take to minimise the risk of cybercrime, all it can take is a link click, download, missed update or misconfiguration to lead to a big problem.
The best way to avoid human error is to enforce cyber security guidelines and provide online and in-person training and testing.
Testing should include a targeted phishing campaign to see who clicks – this can help you to identify who requires training.
As part of any cyber security audit, we look at physical security; you’d be surprised how many people still put their password on a post-it note by their monitor and how many visitors are left unsupervised around sensitive information!
Most of the actions in this post require little or no help to set up and will immediately reduce your risk of a breach. While it is worth investing in a cyber security review and the assistance of a data security specialist, there is plenty that you can do yourself to become less of a target to hackers.