We all love Office 365. It is an essential and unique ‘gadget’ that many businesses use and need to use to stay in business. But you must understand certain things to help keep protecting your data when using Office 365.
The ongoing concerns with cybersecurity and the way that cloud-based systems function up until this point, like Office 365 for example, brings us to an awareness that modern companies who use these services and tools really need to be very watchful about keeping their sensitive data from people with bad intentions.
You know, like hackers or social engineers that can then turn around and sell the data for a profit and in turn hurt the company who they stole it from and also the people related to that data. And round and round it goes. Until you do something about it. This is why these days we have cloud systems with embedded security like Office 365 from Microsoft.
You just need to have specialists like Expert Turnkey by your side to help guide you and make sure all the right security settings and configurations are made to your system so that your data is protected and secured the first time around.
These days with the new trend to “Bring Your Own Device” to the workplace also comes many new security issues to deal with and the rabbit hole only gets deeper from there, especially for businesses that handle very sensitive data ( for example: health care ) or need to comply with industry security standards like HIPAA and others.
Since everyone these days has Office 365 we will give you a few tips to pump those cyber-security numbers up. (so they don’t look like rookie numbers)
1. You really want to have Multi-Factor Authentication (MFA)
Normally users only have one way to login to their Office 365 – namely a password associated with an email or username.
Normally we all use a password and a username to log in to our online services for Office 365.
But some employees, and especially in my experience, have very little concern over their password complexity.
Because users are not tech savvy to the point of understanding the risk and consequences of losing or sharing their “simplified” password. Which sometimes it’s so easy, if you know their pet’s name you have complete access. And what if they are a senior executive, who are even more prone to having simple passwords like this because, lets face it, folks from yesteryear like to keep things as simple as possible, even to the point of using a notepad and pen. And this is a security risk even small companies these days cannot afford.
So what is MFA? It combines multiple factors – like a special security code, usually sent via SMS or from using an encrypted dongle, a password, a unique fingerprint, or a eye retina scan (just like in the movies). This is to verify a person’s identity and really protect the system against “soft breaches.”
That means even if a criminal is able to get your password, they can’t access your account without the other verification method(s). This means that even if someone with bad intentions grabs a hold of your user and password, they will not be very likely to gain access to that account if at all. because of the multi factor “thing” it’s easier for companies to enhance their data protection with just a few clicks and some help from their friendly Expert Turnkey IT Tech Support People
For almost all companies, the basic built-in option in the Office 365 system can provide the necessary protection you need to get things rolling in the right direction. It allows us to activate MFA down to the user level, and this enables several different options for the second verification method that we can choose at your discretion. We make sure we sit down with you and have some idea of what and how we are going to implement this change before we start “clicking around” as most users jokingly say.
2. What is Data Encryption and why do I need it? Does it really matter?
To answer that question we are going to have to get a bit technical. I apologize in advance. So, to really ensure the total security of your most sensitive information going from one device to another, or what’s called transit or movement of data; we need to implement what’s called a “data encryption protocol”. This is something done to the data itself, consider it as a shell around your data that is not accessible by just plain access, it would require special keys or codes to unlock to read, and these are pretty lengthy and painstaking. This ensures confidential storage and communication that does easily allow someone to quickly snag your data.
This is very important if your business handles customer data and information like credit cards, financial and health information, social security numbers, etc..
But with Office 365 offering several encryption capabilities by default, like: BitLocker for files saved on Windows computers and what's called “TLS” (Transport Layer Security) connections for files stored on OneDrive for Business or SharePoint Online.
More so, you have the ability to send encrypted messages to any recipients outside of the organization with Microsoft Office 365. Which is really handy when you have to send sensitive information to 3rd parties. They can then access the secure messages by signing in with a secured Microsoft account online using their web browser, using an Office 365 account, or entering a one-time passcode. All these features allow your data to be have the protection it deserves. Rest easier at night knowing you did the right thing. Those who leave this up to chance or do not give importance to these sort of security needs, pay the price ultimately.
3. So I heard about Mobile Device Management (MDM), tell me more
Many companies are now warming up to the fact that the policy of: “Bring Your Own Device” is very necessary and something to seriously consider. Because your data will site on their personal devices, iPad, iPhones, android and windows mobile devices.
These devices belong to the user and not the company that employs them. And if anything happens, which is most likely it will happen, the company and not the employee will be in deep trouble. This is why this new feature MDM is so vital to your organization.
Even though you can provide the necessary education to your employees, you will still need to safeguard against infinite of scenarios such as lost devices or someone other than the employee gaining access to the devices, etc..
This is why the new Office 365 offers a built-in MDM option, which works very well for employees accessing email with their company or personally issued mobile devices.
If employees are using their own devices or using things other than e-mail, the Microsoft Intune will give you more control and offer additional protection. This is very necessary to keep your company out of harm’s way. And it allows for pretty good sleep at night as well. Take it from me. You don’t want this sort of thing haunting your dreams. Your will will ultimately make you sleep with the Dog, or even worse, make the dog sleep with her and you can keep the dog house..OK off to the next item! :\
4. Data Loss Prevention (DLP) - This one is great!
DLP is a really nice feature. It ultimately ensures that all sensitive information stays within your organization by monitoring all confidential data and then by preventing users from sending the data to anyone outside of your company. This is like having a watchful eye inside everyone’s device. Very clever indeed.
You can use one of the provided templates that would meet your regulatory and compliance needs (like HIPAA) or you may customize your own security policy to specify the location of data and type of information to be protected. No worries. We can help you with this one!
With DLP, you can pinpoint private data across many software environments ( like Exchange Online, SharePoint Online, and OneDrive for Business), and prevent unnecessary accidental sharing of important and sensitive information, protect and monitor all those sensitive files on the desktop. The versions of Excel-16, PowerPoint-16, and Word-16, can help employees to stay compliant on the fly, without messing with their day to day work. Using built in technology that is designed for this chore. You can also see these data flows by having reports run from these specific applications.
5. 'Meat and Potatoes': Advanced Threat Protection (ATP)
One of the biggest cybersecurity threats, if not the biggest, is ransomware, which is spread via malicious links and email attachments and can quickly and easily infect your entire network and mobile network on the fly.
Even if you offer employees tons of training and education so they don’t click on suspicious links and attachments, you cannot rely or trust that everyone is going to be being vigilant at all times of the day. We are all human. And as such, we make mistakes. This will never change. Unless robots take our place, we will have to deal with things like this for a long time to come.
The bad news is that It takes only one employee to open one malicious link that can cause easily damage to your sensitive data – and your reputation forever!.. (yikes!)
Advanced Threat Protection will help really prevent these harmful links or attachments from entering into your users inboxes to begin with, by accessing that link in a virtual environment to scan for dangerous code activity before delivering the messages to the appropriate recipients. This is a great feature by far! Thanks Big G., we needed that one! (referring to Bill Gates obviously)
6. And lastly, what in the world is Privileged Identity Management?
When the user’s accounts that have admin privileges are data breached, the consequence is often more serious. Yes I said MORE THAN. This is a unequivocal mathematical term that goes in the opposite direction of anything good, in this instance… and you don’t wanna be there. Trust me, I know my data security. ;)
We fix this by restricting the number of users with admin access, this can and will help in lowering your risks, including a risk of a heart attack. Only Joking! But you never know these days.