The Basic Microsoft 365 Cyber Security Check List
Microsoft 365 provides hundreds of security features, that many other cloud solutions and on-premise servers do not. Many of these features we have already covered in The Basic Cyber Security Checklist and The Advanced Cyber Security Check List.
Now we are going to take you through some of the lesser-known features, that will help keeping your business secure when using Microsoft 365.
Data Loss Prevention
Data Loss Prevention or DLP, monitors data leaving your Microsoft 365 tenancy via any means and checks if the data is sensitive, confidential or personal. Users can be warned that they are breaking company rules, and that the communication needs to be authorised by a manager. The feature is in its infancy, but a great aid in your GDPR compliance.
Information Rights Management
Information Rights Management or IRM, provides an extremely high level of security, but should be used sparingly. Once it is enabled on a SharePoint site, IRM will encrypt all supported file types. This means that if a user copies one of these files to a personal device and then leaves the company, they will no longer be able to open the file. A great step towards protection your data.
Intune/Conditional Access/MDM
One of the advantages of a cloud solution such as Microsoft 365, is that it can be accessed from any location and on any device. While improving your operations, this out of the box setup presents a security challenge. By combining Intune, conditional access and MDM policies, we can specify which devices, locations and users that can access Microsoft 365, and the type of access that they individually have. For example, users can access from their personal device but are prevented from downloading or syncing any data.
Email Encryption
Microsoft 365 offers native email encryption that the user can very easily apply. Once applied, a message can have forwards and edits restricted or even prevent the message from being sent outside the organisation.
Advanced Threat Protection
Advanced Threat Protection or ATP, refers to a broad set of technologies across the Microsoft 365 platform. Think of it like antivirus for your cloud. Just enabling ATP is however not enough; to leverage its full set of features, your managed service provider will need to configure the ATP services correctly and have all your users trained on them.