Businesses receive enormous convenience and cost control benefits from Office 365, but a move to the cloud also increases the company’s attack surface. This heightened exposure makes it imperative that administrators learn how best to implement the Office 365 security features.
Don’t sit back and expect adequate protection with the default security configurations in Office 365. Admins must tailor Office 365 security features to shield data on the platform from outside threats.
How does Office 365 affect business security?
Modern businesses cannot function as islands, surrounded by antimalware, antivirus and a secure perimeter and demilitarized zone for external users to access certain servers.
An enterprise that depends on Office 365 requires a more intelligent security approach that extends from the service provider to the users, who work on many different devices. Administrators need to discover and hold sensitive information, ensure compliance, prevent data loss and then identify and respond to potentially malicious traffic or use patterns quickly.
Advanced Office 365 security features include multifactor authentication, encryption to protect data at rest and in flight and data loss prevention to stop users from sending sensitive material over email or in unauthorized storage devices.
Office 365 enterprise users must balance features with price
Office 365 meets the requirements for compliance certifications, including those imposed by the Health Insurance Portability and Accountability Act, the Federal Risk and Authorization Management Program and the International Organization for Standardization/International Electrotechnical Commission 27001.
Suspicious activity afoot?
Administrators can manage and audit Office 365 security features with remote PowerShell, but the Office 365 Security & Compliance Center provides a GUI tool to enforce corporate policy and monitor potential threats. The portal provides seven major pages related to security and compliance:
- Alerts page: This section warns you when a user violates policies that IT creates. Administrators can also view alerts, understand how each was generated and take remedial action. Office 365 includes a series of default alerts and will inform you when a user receives administrative privileges and when it detects malware or unusual file activity.
- Permissions page: Administrators can grant users various permissions in compliance-related areas, such as device management and data retention. Elevated users can perform only the tasks assigned by the administrator. IT can alter or rescind permissions as business needs change.
- Threat Management page: Dashboard, Threat explorer and Incidents tools let administrators oversee risks detected within Office 365.
- Data Governance page: This area enables admins to import data into Office 365; archive and retain important messages and attachments as part of content lifecycle management; and establish supervision policies that review both inter- and intraoffice messages for inappropriate or sensitive content.
- Search and Investigation page: This allows administrators to locate messages and search audit logs. For example, use the content search to comb mailboxes, folders, SharePoint Online sites and OneDrive for Business content in the company’s Office 365 subscription. Export results to another computer for further examination. Use audit logging to view user and other administrative activities involving files, folders, sharing, SharePoint, Azure Active Directory, Sway and PowerBI.
- Reports page: This enables administrators to follow application use, identify suspicious app activity and provide notifications and alerts about unusual app use. The page generates reports that show how the organization’s employees use Office 365.
- Service Assurance page: This page provides details about Office 365 compliance efforts. These include Microsoft security practices for customer data stored in the messaging platform; third-party audit reports of security; and security, privacy and compliance controls used by Office 365.