Director at itro
How to secure your Office 365 installation against hackers
Microsoft Word is an almost timeless product that means very different things to different people. For a college student, it means late nights, cheap energy drinks, and frantically hammering away at a keyboard to get an essay in. For a writer, it’s a blank canvas that channels their inspiration and breathes life into their ideas. And for many office-bound professionals, Word is simply a necessary tool used to compile and share their reports.
Unfortunately, some people also view it as a host of nefarious opportunities. While most see Microsoft Word and the rest of its Office 365 brethren as a way to apply themselves and create something of value, cybercriminals often see things differently — it might just be the entry point they need to get into your system and steal your data.
This blog post serves two purposes: first, we’ll go over the security measures that are built into Office 365. Then we’ll dive into additional actions you can take to ensure your installation and usage are as secure as they can be.
How secure is Office 365 out of the box?
Microsoft has gone to great lengths to make their products as secure as possible, and Office 365 is no exception. This means that simply by purchasing the software suite, your business automatically benefits from a range of security tools and a dedicated team of cybersecurity experts working around the clock to keep your files and data safe. But this doesn’t mean you can just check out and embrace blissful ignorance; rather, it’s imperative that you know the strengths and limitations of the security that comes with Office 365.
According to a recent Microsoft white paper, there are six layers of security protecting Office 365 users at any given time. These are:
- Physical security: Microsoft’s data centres, where your Office 365 data is stored, are designed with security in mind. They are impenetrable by human invaders and natural disasters, serving as literal bunkers to prevent your data being lost, damaged, or falling into the wrong hands.
- Network security: Microsoft’s network is designed in such a way that back-end servers and storage are physically separated from any public-facing interfaces, significantly reducing the likelihood of a bad actor getting deep into the system. All customer connections to the data centre are also encrypted — read our previous blog post on encryption for the lowdown on that security measure.
- Access control: To help users make sure they’re in control of who is accessing their data at any given time, Office 365 integrates with a range of tools that provide granular control over how people can interact with your account. These tools include Active Directory, Azure Active Directory and ADFS.
- Host security: This layer includes antivirus and antispam protection and can be applied across your organisation with the Office 365 Advanced Threat Protection (ATP) service. Office 365 ATP is an effective countermeasure to zero-day attacks (when the hacker exploits a previously unknown vulnerability) and can be included in all Enterprise and Business packages.
- Application-level security: This includes security features that are present in each Office 365 service, including high-load capabilities like throttling and regional isolation, which mitigate the risk of Distributed Denial of Service (DDoS) attacks.
- Data security: The last layer involves the security of any data stored on Microsoft servers. While their servers are multi-tenant, meaning hardware is used for multiple users simultaneously, each set of customer data is kept secure through data isolation and segregated through Active Directory. Data is also kept safe from Microsoft employees through role-based access control and lockbox processes.
These security features are an effective deterrent against hackers, as long as they’re activated and being used by everyone in the organisation. As such, always make sure you know exactly which Office 365 package your organisation has subscribed to, and consider holding a training session to get everyone up to speed with security tools and best practices.
What else can you do to outwit potential hackers?
Office 365’s security layers are, without a doubt, a valuable defence against cybercriminals. That being said, there are a few extra measures you can take to make doubly sure that your company data never falls into the wrong hands. These include:
Minimising risk during installation
If your organisation doesn’t currently use Office 365 but is considering making the move, then it’s vital to prepare your existing system, data and employees for the transition. Just as bank robberies often happen when the money’s in transit, data is uniquely vulnerable when it’s being moved from one server to another. It’s therefore a good idea to identify sensitive company data early on, and then to restrict access to it whenever possible.
Office 365 offers extensive permission functionality, so make it a priority to designate and implement role-based restrictions before said data is migrated. Failure to do so increases the risk of internal security threats, like the odd disgruntled employee (looking at you, Steve).
Enabling multi-factor authentication
For additional ongoing security, you can require employees to log in using multi-factor authentication. Azure multi-factor authentication is included in every Office 365 for Business subscription package. You can also activate it on a per-user basis, so there’s no need to worry about low-level employees who don’t have access to sensitive data in the first place. Microsoft has a detailed guide on how to set up multi-factor authentication in Office 365, which you can access here.
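Because MFA can be switched on per user, it is worth checking that every account holding an admin role or access to sensitive data is actually covered. The script below is an added example, not part of the original post or any Microsoft tooling: it audits a user export for that gap. The CSV layout, column names and sample accounts are constructed for illustration; the MfaState values follow the per-user MFA states Disabled, Enabled and Enforced.

```python
import csv
import io

# Constructed sample export. The column names are hypothetical, not a
# Microsoft format; Roles is a semicolon-separated list of admin roles.
SAMPLE_EXPORT = """UserPrincipalName,Roles,SensitiveAccess,MfaState
alice@example.com,Company Administrator,yes,Enforced
bob@example.com,,no,Disabled
carol@example.com,Exchange Service Administrator,no,Disabled
dave@example.com,,yes,Enabled
erin@example.com,,yes,
"""


def audit_mfa(export_text):
    """Return (upn, severity, reason) for in-scope accounts without enforced MFA."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        upn = row["UserPrincipalName"].strip()
        roles = [r.strip() for r in (row.get("Roles") or "").split(";") if r.strip()]
        sensitive = (row.get("SensitiveAccess") or "").strip().lower() == "yes"
        # A missing state is treated as Disabled so gaps fail closed.
        state = (row.get("MfaState") or "").strip().lower() or "disabled"

        if not (roles or sensitive):
            continue  # no admin role and no sensitive data: out of scope here
        if state == "enforced":
            continue  # MFA is required for this account

        why = "admin role: " + ", ".join(roles) if roles else "access to sensitive data"
        if state == "enabled":
            # Switched on, but the user may not have finished registering.
            findings.append((upn, "warn", why + "; MFA enabled but not yet enforced"))
        else:
            findings.append((upn, "high", why + "; MFA " + state))
    return findings


if __name__ == "__main__":
    for upn, severity, reason in audit_mfa(SAMPLE_EXPORT):
        print(f"[{severity.upper():4}] {upn}: {reason}")
```
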
Regularly checking your Office 365 Secure Score
Microsoft has recently unveiled the perfect tool to see exactly how secure your Office 365 setup is across your organisation: the Office 365 Secure Score. It analyses all of the services installed on your company network, your security settings and regular user activity, and then assigns a score. This is a great indication of whether any particular area poses a risk and needs attention. For more on the Office 365 Secure Score, click here.
If you want an expert opinion on your system infrastructure from leading IT professionals who understand the needs of Australian businesses, you can request a free onsite IT assessment from ITRO. We guarantee a fair and balanced assessment with no strings attached — one that’s actually worth your time and offers genuine insight into the security and efficiency of your existing technology. We can also help you make sure that your Office 365 installation is secure and fully insulated against cyberattacks. Get in touch today.