- Based on my experience I’d recommend implement following steps to secure your #Office365 Tenant. In my opinion these are the 7 important ways to secure.
- Implement MFA for Admin and regular users
- Use separate accounts for administration
- Custom configuration of threat protection
- configure protection against ransomware
- Configure anti-phising
- Configure ATP Safe-attachments
- Configure ATP Safe-links
If you are concerned about changes made to Exchange Online SharePoint Online Any tenant configuration settings, and changes made by users to any documents and other items.
NowYou can use enabled Auditing and use audit information and reports available in Microsoft cloud services to more effectively manage user experience, mitigate risks, and fulfill compliance obligations. In this video I’ll demonstrate you to enable and leverage Auditing feature in #Office365
For businesses using Office 365 and Microsoft 365, add a setting that requires your users to log in using multi-factor authentication. When you make this change, users will be prompted to set up their phone for two-factor authentication next time they log in.
Using multi-factor authentication is one of the easiest and most effective ways to increase the security of your organization. It’s easier than it sounds – when you log in, multi-factor authentication means you’ll type a code from your phone to get access to Microsoft 365.
Enabling MFA in Office is one the steps toward best practices and it also improves your tenant’s secure score
What is it ?
If you are migrating your emails to #Office365 and for any reason if you required by your business to route your email via on-premises network infrastructure, this how you want to do this.
Don’t place any servers, services, or devices between your on-premises Exchange servers and Office 365 that process or modify SMTP traffic. Secure mail flow between your on-premises Exchange organization and Office 365 depends on information contained in messages sent between the organization. Firewalls that allow SMTP traffic on TCP port 25 through without modification are supported. If a server, service, or device processes a message sent between your on-premises Exchange organization and Office 365, this information is removed. If this happens, the message will no longer be considered internal to your organization and will be subject to anti-spam filtering, transport and journal rules, and other policies that may not apply to it.
Secure your Office 365
If you have recently signed up for Office 365 subscription, your account becomes the Global Administrator account for your tenant. In order to secure your access to the account there a few very simple steps. In order to enable multi-factor auth you can do it by logging into your M365 Business/Enterprise Portal.
Setup Multi-Factor Auth in M365
Goto Admin Portal and select the desired user and follow the steps
A few weeks ago I’ve turned on Cloud App security feature in my Office 365 Subscription. I was surprised today when i started getting the alerts that there were some attempts made to login as my on my account. In less than two hours there were m15 attempts and they were all outside US and from an unknown device. First I didn’t know where it came from but when I logged on the links provided and I re-called that I did setup some policies a weeks ago.
As you can see below there were three email sent to me whenever there was an attempt made to hack into my account
And here is the policy matched and alert was triggered
The Next Step – Review the alert
The next action was to Review the alert and investigate it. I was brought on to this page
What did I configure? It was not enabled by default
As you can see, in GOVERNANCE I’ve options to select the action.
Pro Tip !
Enable Multi-factor authentication
Microsoft Teams, does not need any introduction as there is a lot marketing going on 🙂
Team built on core services are Exchange and SharePoint and Skype too. As soon as you create a new Team for collaboration with you colleagues background services start spinning exchange group mailbox and SharePoint libraries for you and in few minutes you are ready to collaborate in real-time which even allows to make calls from any device (I like it on my iOS).
So what is external collaboration and how to control it?
You can invite external parties to contribute and collaborate in Microsoft Teams or to be specific you can invite them in Channels within your team. If you don’t change the default setting, it open to anyone means anyone can send EMAILS your channels once they know the SMTP ALIAS. So if you don’t like it and if you have some business requirement which may not want to you keep it open for all, this video while show you how to control the EXTERNAL SHARING.