Skip to main content
Cyber Security

Securing Microsoft Office 365 For Your Business

By August 23, 2021No Comments
two-factor authentication

If you use the Office 365 system, it is essential that you implement some key security measures to ensure that your data and private information remains protected from loss and /or breach by cybercriminals and hackers. No matter whether you are a small to medium-sized business or a large enterprise, you have to put a few protective measures in place to make your systems and apps cyber secure. Canda is here to give you a few critical tasks to follow to keep your business’ data protected from breaches.

  1. Set up multi-factor authentication (MFA)

Multi-factor is one of the simplest to implement and is incredibly effective. Whenever you sign in to your Office 365 account, you will receive a code on your phone to add as another authentication factor to add to the password to provide a strong authentication process. Even if someone learns about your password, they won’t be able to breach the second factor easily.

Multi-factor in Office 365 is not supported across all of the different access channels. For example, if you have IMAP/POP3 enabled on your mailbox, MFA will not fire for these connections and instead will roll back to using single authentication. This means if you have a compromised password, gaining access to your mailbox is still possible with MFA enabled. Unless you have a need for IMAP/POP3, disable these at the tenant level for all mailboxes to keep your accounts protected.

  1. Educate all employees about cybersecurity

In organisations, it is essential that everyone understands the threats and measures that are out there. A strong culture of security awareness and education about recognising suspicious activity, such as email phishing and potential threats, will likely save the organisation from getting attacked. It is essential that you explain the importance of strong passwords, the protection of devices and set up security features on all computers and accounts across the organisation.

Canda can support the training of all organisational staff members. We have seminars and training available for interested organisations, where we make employees and workers aware of different types of cyberattacks and what to do when you come across one on your business account.

  1. Using admin accounts

Administration accounts are one of the most valuable targets of cybercriminals, as these are privileged accounts which enable access to key systems and data. Make sure you separate the admin account from your everyday 365 to make it more challenging for hackers to come across private organisational data.

Make sure those working with admin accounts understand the risks that come with working with these types of accounts. Set up multi-factor authentication, close all apps and browser sessions before accessing your admin email account and don’t forget to log out when you finish working with the admin account.

  1. Blocking file extensions

To protect accounts from malware and ransomware attacks, you can put specific measures in place to ask users whether they want to open attachments and warn against ones that seem to be compromised. You can even completely block attachments from landing in your inbox that are commonly used for malware. Putting safety measures against phishing attacks is also possible and highly suggested for all types of organisations. This will prevent impersonation attacks and others from landing in your inbox.

If you need support with putting these measures in place, make sure you contact Canda, who can create a cybersecurity plan for your organisation.

  1. Use message encryption

With this setting, your organisation can send encrypted emails inside and outside of the company. This measure ensures that only those are able to view the message who were intended to. It prevents recipients from forwarding the email and encrypts the email to keep it safe from attackers. These can be opened just like a general message but will have a warning written on top that they are encrypted. If you are discussing privileged information within your email messages, turn on this setting to protect cyberattackers from gaining access to the content.

There are multiple ways that your organisation can put protective measures in place for their Office 365 system. It is essential to use more advanced protection than the original settings to ensure that hackers don’t access confidential data. Canda can support your organisation by putting these measures in place and creating a cybersecurity plan for your system. Get in touch with us today if you need cybersecurity support for your organisation, and we will be happy to help in any way we can!



Leave a Reply