Office 365 Security Basics

With a large percentage of Small to Medium Businesses utilising Microsoft’s Office 365 suite for email hosting and cloud applications, it’s drawn the attention of cyber criminals. Microsoft provides a valuable suite of security tools and reports for Office 365 to assist with security on your account. They stress the importance of frequent maintenance tasks, even providing your business an Office 365 security score that relies on continued monitoring and maintenance. The following security basics should be applied for all businesses.

Retention Policies enabled across all items in organisation

Retention Policies define for how long Office 365 will retain deleted items (be it email, calendar appointments or files etc). In most organisations it critical that all information is retained in case of accidental deletion, instances when staff leave your organisation and delete information, and audits that may require you to access years old information.

Enabling 2FA for Office 365

2 Factor Authentication means that users must enter both a password to enter the Office 365 website, and a code that is generated from an app on their mobile phone. It’s an extra layer of security that protects your account from being hacked. Cyber criminals use elaborate, but fake websites to trick you into entering your usernames and passwords, and then use them to breach your office 365 account. This stops this type of attack.

It’s important to note for those that use a desktop install of Outlook to access your emails, you don’t need to access the code from the mobile app each time. There is a once off code to activate the device that has Outlook installed, and then users can access it with their normal email password.

Ensure External Calendar Sharing is Disabled

This is a setting that should not be enabled, essentially it stops anyone outside of your organisation from potentially seeing or exploiting staff calendars.

Ensure Mailbox Auditing is turned on for all users

Mailbox auditing tracks very detailed changes to users email that can be very useful in understanding not just security breaches but also actions of staff. Tasks like moving or deleting emails, setting up mailbox rules, and any activity on the mailbox.