Guest contribution: Security features of Microsoft 365

This week’s blog is a guest contribution from Mark Lawton, Director at Risc IT Solutions and one of our speakers. Before joining the team at Risc, Mark headed up Channel Partnership at Microsoft, specialising in Cloud & Productivity solutions. Today he’s sharing with us his top security features in Microsoft 365.

As so many of our business operations are dependant on technology, it’s easy to think that protecting your business, and the security measures involved in doing that, are the responsibility of the IT department. Whilst IT does play a huge part in maintaining security, it’s not just your IT team’s issue; it’s everyone’s issue from the board down.

Microsoft recognise that employees desire freedom and anytime, anywhere working, but this can bring additional security risks. Microsoft 365 empowers employees with Office 365 and Windows 10, as well as EM+S, a comprehensive and robust security package to keep your business safe.
With security at the heart of Microsoft 365, and an array of features and services available to you, here’s my top security recommendations; the essential features that you should be utilising.

1. Office 365 Secure Score

Office 365 Secure Score is a tool offered by Microsoft to help businesses understand the extent to which they are aligned with Microsoft’s best practices. As well as a score to gauge how you compare to other companies within the UK, Microsoft provide a list of suggestions to help you increase that score and thereby the security of your business. From suggestions such as enabling Multifactor Authentication (MFA), to ensuring all emails are audited, Microsoft Secure Score is a comprehensive step by step guide to securing your business.

2. Azure Information Protection

Control the data you send outside your organisation with Azure Information Protection. Your employees can classify documents easily without interrupting their work – they might be labelled as ‘Do Not Forward’ or ‘Internal’ for example. They can also see where their documents have been sent and who they’ve been accessed by, as well as rescind permissions if necessary. This allows you and your employees to easily keep track of your business data.

3. Advanced Threat Protection

Phishing attacks (mass spamming of fraudulent emails) and spearphishing attacks (targeted spamming of fraudulent emails) continue to be rife and, unfortunately, effective. Advanced Threat Protection has multiple safeguards to ensure that these emails never reach you and your employee’s mailboxes. Unparalleled technology detects and detonates spurious emails, as well as malicious links and attachments, without hindering productivity.

4. Identity and Access Management

Many cyberattacks and data breaches attempt to gain access to sensitive information. Ensuring that only the right people have access to the right information is paramount. Microsoft focus on:

• Secure Authentication (MFA with the Authenticator App),
• Conditional Access (blocking or requiring additional authentication for devices that aren’t enrolled in your Remote Mobile Management solution) and;
• Identity Protection (blocks access attempts if they’re outside the user’s normal pattern of use).

Together these three areas provide comprehensive protection for your and your employee’s identities and business data.

If you would like to learn more about anything in this blog feel free to give me a call on 01492 862780, and please do attend one of our briefings, where this topic will be covered in much more depth and we can discuss specifics in relation to your business.