Microsoft Office 365 is an essential business function for many organisations of all sizes as it changes the way businesses work. Office 365 is more than just a set of tools, it allows users to work collaboratively and remotely, as well as providing scalability, control and organisation.
Office 365 is designed to meet all of your organisation’s needs, including security and compliance with legal, regulatory and technical standards. Creating policies and enabling services that protect your organisation while allowing you to meet your organisation’s needs is vital.
Here are some of our favourite Office 365 security features and available add-ons that will help protect your business ensuring an effective IT security strategy.
1. Mobile Device Management
Staff are likely to be accessing company data on their phones or tablets. While training and education are essential to guard against inadvertent leaks of sensitive data, it is vital to protect against any unforeseen problems, such as a lost or stolen mobile.
With Office 365 you can have a mobile device management option, or MDM, which allows your organisation to secure and manage your users’ mobile devices and works well for companies where employees will only be accessing email via company-issued mobile or tablet devices. MDM allows you to create and manage device security policies, remotely wipe a device and view detailed device reports.
If your organisation is in need of more control, if staff needs to access more than just email remotely, or if staff use their own devices, then the Microsoft Intune add-on feature will give your organisation more control of how data is used on mobile devices.
2. Multi-Factor Authentication
What can you lose from better protection? Hacking incidents are on the rise and many of these incidents can be traced back to poor password management. Remember, at the very least passwords needs to be changed frequently and should include a mix of uppercase, lowercase and numbers and not using the same password for multiple log-ins!
Add an extra layer of protection and security to the login process with a multi-factor authentication, or MFA feature. MFA is a method of authentication that requires the person seeking access to data to be able to identify their identity in at least two ways:
- Something you know – password
- Something you have – like a mobile phone
- Something you are – biometric, like a fingerprint or face recognition
This feature works well for many companies, but companies with compliance requirements may need more robust options and we will discuss these options with you. Most solutions can be deployed on-premise or in the cloud and integrates with VPN, Web applications, Remote Desktop, as well as Office 365, to greatly increase security on these systems.
3. Data Loss Prevention
Data Loss Prevention (DLP), ensures that sensitive information stays where it should and doesn’t get sent outside of your organisation – accidentally or intentionally. With DLP you can identify sensitive information across many locations – emails, SharePoint, OneDrive and Office programs like Excel and Word - and prevent users from sending that information outside the organisation.
DLP is fully customisable, so it can fit specific needs and requirements. Not only can you block the location of the data, but the type of information (like a credit card or health record), condition (the context of the information), and the action that is taken (to block completely or send a notification).
4. Privileged Identify Management
Restricting the number of users with admin access can help lower your organisations risk of data loss. However, there will be times when certain employees need limited-time admin access for certain projects.
Privileged Identify Management gives the ability to assign temporary admin status to specific users. You are in control of the access they have, including the information each user needs and the length of time they have access to admin privileges.
5. Advanced Threat Protection
One of the biggest threats to IT security is ransomware, which is spread via malicious links and email attachments. While training your staff on how to decipher a phishing email or phone call is important – training can only go so far as these are getting more and more sophisticated and realistic looking.
Advanced threat protection helps stop malicious links and attachments from getting into your inbox in the first place. It opens the attachment and links a virtual environment and checks for any malicious activity before the email gets to your inbox.
How Datek Can Help...
Datek have experience and know-how when it comes to Office 365, helping to ensure your business has the correct setup and IT strategy moving forward. If you’re thinking about Office 365 migration we can also ensure your business avoids any pitfalls when it comes to the migration process. Or if your organisation currently runs on Office 365, you should make sure you’re implementing the right IT security measures to protect your organisation. Remember, any additional costs of boosting your IT security procedures will far outweigh the cost of a data breach. Get in touch with Datek today and let us know how we can help you!