The Microsoft 365 Security Features You Should Know About

Microsoft 365 has developed a raft of security features for good reason: if you don’t have solid cybersecurity defences, hackers will exploit your weaknesses for their own gain.

Sometimes it’s difficult to persuade a client to adopt measures that will protect their business due to the perceived “hassle” of introducing this protective technology. A common one is failure to introduce two factor authentication to email, despite warnings of the consequences when lacking such essential measures.

Over the years we’ve seen this vulnerability play out with companies who contact us for support, and leads, by various means to funds being transferred into a fraudster’s account by an unsuspecting employee or even worse, client of that company. Needless to say, two-factor authentication and other measures are often then immediately adopted and those perceived hassles are no longer a consideration. These incidents can be easily avoided if the client had taken experts advice or sought some expert advice in the first place.

The rise in cybercrime has to be a concern for IT managers and business owners. It seems that every other week there’s a high-profile attack on a major international business.

Creating security walls that make your business network impregnable requires a multifaceted approach. Fortunately, for Microsoft 365 users, the software giant does a lot of heavy lifting for you.

Microsoft 365 is one of the most targeted software for hackers. That hardly comes as a surprise considering Office is the most widely-used productivity tool in the world.

But because M365 is getting so much attention from cybercriminals, Microsoft has more data and experience they can use to fortify M365’s gateways. And that’s how they’ve been able to develop a powerful bundle of security features.

A cybersecurity strategy is an obligation for any business that collects and stores personal data. The necessity is underscored by the harsh penalties dished out under data privacy and protection laws, namely GDPR.

By the end of September 2021, the number of breaches was already 17% higher than in the whole of 2020. Given the climate, there is little point in investing in a productivity suite that could potentially leave your business vulnerable to attack.

Microsoft 365 has the edge on competitors here. With a host of security features, Microsoft 365 goes a long way to ensure your business network is secure.

Microsoft 365 Base Level Protection

Microsoft 365 contains various protective measures that are designed to identify suspicious behaviour, quarantine threats, eliminate vulnerable gateways and authenticate users.

Some of the robust solutions are automated whilst others need configuring and performing. Either way, it’s useful to know what tools are at your disposal so you can accurately compile a security strategy that enables you to secure your network without disrupting the efficiency of your operations.

Contrary to popular belief, cloud computing can help strengthen your cybersecurity measures. Microsoft leverage these cloud defences via the M365 Business Security Centre which is designed to monitor security and configure devices, users and apps.

The company also releases security updates that are designed to stay ahead of cybercriminals. With Intune in the Azure portal, you also have a cloud-based service that enables you to manage security on mobile devices easily.

Let’s take a deep dive.

Microsoft Defender for Office 365

The primary means deployed by Microsoft 365 is the standard-issue first line of defence that comes with all Office 365 subscriptions. Its main task is to protect your staff’s email communications from inviting malware into your systems.

Microsoft Defender consists of three lines of defence. Firstly, Exchange Online Protection is all about protection. This feature applies a brute force approach that combs through inbound emails in search of malicious code that is known to be used by hackers.

Defender works by actively filtering the email of all connected accounts to remove spam and phishing attacks before your staff can click on potentially infected links or download documents infected with malware.

The second layer is Microsoft Defender for Office P1 (MDO P1.) This intelligent layer aims to detect potential attacks that contain new malicious code that cybersecurity firms do not know about.

Hackers develop codes that target vulnerabilities in software that are still yet to be discovered. However, the code they use can still be detected by MDO P1 because it will appear ‘suspicious”. Defender quarantines suspicious files so you can check them out in a safe environment.

Finally, Microsoft Defender for Office P2 (MDO P2) is in place if the unimaginable happens. This layer of defence investigates attacks that have already found their way into the system and effectively responds to them. MDO P2 has the power to force attackers out before they can do any real damage.

Microsoft Defender features customisation at all levels, but the most useful one is that which allows custom anti-phishing policies. This allows you to configure your Microsoft Defender to tackle the unique phishing attacks in your industry.

Microsoft Defender Antivirus

Like all tech giants, Microsoft runs flagship and next-generation antivirus software to protect its users’ devices and networks from viral attacks. Microsoft Defender Antivirus is advanced software that includes machine learning, mass data analysis and threat research.

This feature leverages the power of Microsoft’s cloud infrastructure to overwhelm the capabilities hackers throw at it. Microsoft Defender Antivirus is included on all Windows devices and is designed to have impressive capabilities within the context of Microsoft 365.

A key feature of Microsoft Defender Antivirus is that it is compatible with most other antivirus software. This means that you can run your favourite antivirus while maintaining Microsoft Defender Antivirus to work mainly on your Microsoft 365 network.

While Microsoft Defender Antivirus will have to run in passive mode for this to work, you can still benefit from its superb threat detection capability.

Microsoft Intune Security Features

Microsoft Intune is the perfect resource to control how your organisation’s devices are used to protect your business against malicious usage. This feature is indispensable for companies that have a Bring-Your-Own-Device (BYOD) policy and/or a remote workforce.

This holistic mobile device management and mobile application management allows IT staff to set policies that control how Microsoft applications are used.

For example, you might want to prevent your staff from sending or receiving emails outside of your organisation on devices they use to access the network. This ensures that devices that are potentially vulnerable cannot be breached.

Microsoft Intune does not stop at your businesses devices; you can also install it on your employees’ personal devices. Of course, Microsoft Intune can do less in this case for privacy reasons, but it can work to isolate your business’s data from your employee’s personal data.

This means that employees are still forced to work in line with your Microsoft Intune policies when accessing business data, but they maintain the freedom to use their data as they wish.

Conditional Access

Malicious actors typically try to gain access to your network remotely. You can stop these attackers in their tracks with conditional access by defining what networks, locations, and users you expect to be connecting to your network.

When Microsoft 365 detects someone is attempting to join from outside the configured parameters, it will deny access. Whilst the main reason for this is to protect your data, it can cause an inconvenience for employees that are trying to access the network on a new device or if their settings change.

Small inconveniences may feel burdensome, but they are a small burden to bear on the grand scheme of things. The prime example here is multi-factor authentication (MFA) which we have already demonstrated is an important requirement for preventing a data breach.

The purpose of MFA is to identify and authenticate the user trying to login. The current solution is to send a text message with a code to the individual’s phone and enter the code into the login prompt.

Moving forward, MFA will probably leverage 3D face imaging technology which will make verifying a person’s identity seamless and risk-free.

Microsoft Admin Centre

Microsoft 365 is not the only source of potential breaches to your data held within the cloud. If an individual device is compromised, hackers can gain control of it and wreak havoc within your systems. No level of Microsoft 365 security can protect against this from happening.

Utilising Microsoft Admin Centre may be able to contain the app. With this tool, certain verified users can block specific devices from re-entering your network, wipe their data, and return them to factory settings. This will allow your team to bring a cyberattack to a sudden halt at a moment’s notice.

Auto-Forwarding Prevention

In 2020, the FBI warned of a new terrifying tactic that has been adopted by hackers and cybercriminals worldwide. In a “Private Industry Notification,” the cyber division warned that hackers were changing people’s mail rules so that all emails would be automatically forwarded.

This tactic gives hackers much easier access to networks and allows them to gather vast amounts more data in real-time.

Thankfully, Microsoft acted quickly by designing its security tools, allowing users to define what rules can be placed on their email. It also allows users to create a rule that rejects messages that are likely to be auto-forwarding-based attacks.

Shadow IT Detection

Shadow IT is the cybercrime practice of bringing applications onto a network with the network administrator’s knowledge. When conducted with proper stealth, cybercriminals can run malicious software for months, stealing and encrypting data or working their way deeper into a network with nobody’s knowledge.

Microsoft 365’s designers considered this when applying Microsoft Cloud App Security to the product. This system draws network administrators’ attention to non-Microsoft applications that have been installed onto their network.

Authorised personnel then make a judgement call to determine if the application is a legitimate third-party tool (such as Slack) or whether it could be malicious.

Leveraging Microsoft Cloud App Security allows your business’s IT staff to gain much tighter control of the third-party applications that have been applied to your Microsoft 365 system.

Data Loss Prevention

During a cyberattack, vast amounts of data can be lost or stolen. However, it is your responsibility to ensure that departmental bank accounts and employee and customer data are not lost in the chaos.

If any personal data goes missing, your business could be in contradiction to GDPR legislation. One of the conditions of GDPR is that you must report a data breach to affected parties; customers, stakeholders, partners, suppliers etc.

Research shows that businesses that suffer a data breach lose a good percentage of their customers or supply chain. Whist some businesses can survive a financial loss through theft, it’s far harder to rebuild a business when your existing customers and investors have lost faith in your ability to protect your data.

All Microsoft 365 Business Premium networks have access to their Data Loss Prevention systems. This system automatically tracks and protects sensitive content to ensure it can never be lost. It features 40 templates that can define what constitutes sensitive data depending on the legislation that your business operates under.

Exchange Online Archiving

Depending on your industry, it is likely that your business will be obliged to keep hold of certain emails or documents for extended periods. Losing these documents could land your business in hot water with compliance authorities.

Microsoft 365 Exchange Online Archiving is available for Business Premium accounts. It allows your team to archive important legacy communications for as long as is necessary. Even if your business loses all of its data in a ransomware attack, these emails and documents can still be recovered.

Improve Your Cybersecurity Strategy with Micro Pro

All Microsoft 365 plans have a high level of security, and it is unlikely that your business will suffer a cyberattack because of a failure in the technology. Data shows that over 90% of data breaches are due to human error and not security technology.

A key takeaway here is that a higher level of protection involves ensuring your wider cybersecurity features are in place. A critical cog in the machine is your employees.

If you haven’t already engaged your staff in cybersecurity awareness and issued cybersecurity protocols that satisfy your data protection and privacy obligation in accordance with GDPR, speak to our knowledgeable cybersecurity specialists. We can help you strengthen your security defences.