Office 365 Security Best Practices (Actionable Tips)
Follow our best-practice recommendations for Office 365 security. These security recommendations would help you avoid common configuration errors and improve security posture to protect Office 365 against cyber attacks. Microsoft Exchange Online is one of the many products in O365 offering. It is a cloud-based messaging solution consisting of an Exchange server.
Is Office 365 Secure?
Cloud shouldn’t create any fears in your mind.
Office 365 security concerns are sometimes the greatest barrier for organisations holding back cloud adoption. Since Microsoft has been demonstrating huge commitment towards cyber security from OS related components to email security, in our review (we have no commercial relationship with Microsoft), this is a no brainer to follow Office 365 security best practices. A lot of features are part of Office 365 subscriptions used by medium and large businesses, allowing granular control to a large extent.
Office 365 Security Risks
The following list contains examples of Office 365 configuration vulnerabilities:
- Multi-factor authentication (MFA) for administrator accounts is not enabled by default. AAD (Azure Active Directory) global admins are the highest privilege accounts at the tenant level, similar to traditional domain administrator in an on-premises AD network. This is one of the top security concerns in Office 365 installations due to the highest level privileges attached to global administrators.
- Password Sync enabled. Azure AD Connect is a Microsoft tool designed to ensure hybrid identity goals. Its main purpose is password hash synchronization of hashes of all the users on-premises AD with Azure AD. Office 365 security practices do not encourage this setting. Where an attacker has compromised on-premises AD and password sync enabled would allow an attacker to move laterally to cloud environments. Microsoft later disabled this function, however, some businesses may have performed administrator account matching prior to disabling this feature.
- Mailbox auditing is disabled. Prior to Jan 2019 Office365 installations did not have mailbox auditing enabled by default. This means explicit changes to the configuration are needed, that adds to Office 365 security risks.
- Unsupported authentication by legacy protocols. Protocols such as POP3, IMAP, SMTP are used with older email clients and do not support modern authentication such as Exchange Online authentication with MFA. Use Azure AD conditional access policies in this case.
Office 365 Security Best Practices Checklist
Without further ado, here is our list of top security practices.
Go for Unified Audit Logging
Companies that share information throughout different departments can improve their level of security by enabling Microsoft’s unified audit logging. It’s a revolutionizing feature that can safely track, monitor, and search for configuration changes for every user and account. This minimizes the risk of losing critical data as one document is shared throughout different groups, applications, or domain.
Give a good think with your IT and security teams on what to log and what no to log, as there is a fine balance between volumes of just data, and use data to be logged.
Read the original article published here.
