IT Service and Cybersecurity Experts – Leverage IT Group, LLC.

5 Important Ways to Improve Microsoft 365 Security

Cloud platforms like Microsoft 365 offer several security features for business. However, having those security features available and actually configuring them are two separate things.

Unfortunately, many businesses in the DFW area and throughout the country leave their cloud security at default settings, leaving their accounts vulnerable to a breach or ransomware attack.

When companies haven’t properly set cloud security, it’s termed “misconfiguration,” and it’s a bigger problem for cybersecurity than you may realize.

In the 2020 Cloud Security Report by Check Point, IT security professionals agreed that misconfiguration was the #1 threat to cloud security.

If you’re using Microsoft 365 for your business workflows, it’s important that you use best practices for cloud security, protecting things like account access, email accounts, and administrative functions.

Here are some of the best settings you can put in place to improve the security of your account.

Set Up a Dedicated Global Admin Account

If you have five administrative-level accounts instead of one, you leave yourself four times more vulnerable to an account takeover that involves administrative privileges.

Rather than granting administrative functions to user accounts, set up a single dedicated account that all admins can use when they need to do administrative functions.

You do not have to pay for another user license to set up a dedicated global administrator account, and because the account isn’t used for email or other activities, it’s less at risk of having the password compromised.

Require All Users to Use Multi-Factor Authentication (MFA)

Enabling MFA for all users is one of the best things you can do to prevent a hacker from compromising a user account. In fact, Microsoft says that MFA is 99.9% effective at stopping account compromise. The company sees about 300 million fraudulent sign-in attempts on its platform every day.

Once you’ve enabled MFA, users will be prompted at their next sign in to set up an approved device to receive the MFA code, which will be entered along with their password at sign-in.

MFA also helps stop dangerous insider security risks.

Set Up Suspicious Activity Alerts

If a hacker gains access to a user account in Microsoft 365, this will typically also give them access to that user’s email. They’ll often use this to send out spam and phishing attacks by the hundreds.

If you haven’t set up any alerts, this can go on for 24-48 hours before anyone becomes aware of it.

In the Security & Compliance Center of Microsoft 365 you can set up an alert for this problem and another common warning sign of a breach. What you’ll do is set up alerts for:

  • Sent messages passing a specific volume threshold
  • User logins from a suspicious geographical location

Prohibit Auto-Forwarding Outside Your Domain

Another sneaky tactic that a cybercriminal can use once they’ve gained access to a user account is to set up an email auto-forward of that user’s email to their own email address.

Unless a user specifically looks at their auto-forward settings, they may not realize this for months. All the while, the hacker is gaining access to sensitive company data, password reset emails, and more.

You can add this security setting by doing the following:

  • Go to the Exchange admin center
  • Select “rules” in the mail flow category
  • Click to create a new rule
  • Select “More options” at the bottom of the window
  • Create a rule that does the following:
    • If sender is internal
    • If recipient is external
    • If message type is Auto-forward
    • Block message
    • Add warning text that this action is prohibited
  • Click Save

Warn Users of Office File Attachments

48% of dangerous email attachments are Office files. These are used because users tend to trust files like Word and Excel, and they can be weaponized with malware by using the macro feature to run a script.

You can improve your office’s phishing protection by setting up a strong warning message to users when a macro-enabled file attachment is received in a message.

To do this:

  • Go to the Exchange admin center
  • In the mail flow category, select rules and create a new rule
  • Click to open more options and use the settings below
  • Once you’ve added the rule, click Save.

Warning for Office Macros:

  • Apply rule if a file extension matches the designated types
  • Specify the following MS recommended file types: dotm, docm, xlsm, sltm, xla, xlam, xll, pptm, potm, ppam, ppsm, sldm
  • Set action to “Prepend a disclaimer”
  • Add your message text. (Suggested by Microsoft, “Do not open these types of files—unless you were expecting them—because the files may contain malicious code and knowing the sender isn’t a guarantee of safety.”)
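
The macro warning rule above can also be created from Exchange Online PowerShell. This is an added example, not part of the original article; the rule name and warning wording are placeholders, and it assumes an existing Connect-ExchangeOnline session with an Exchange administrator role.

```powershell
$ruleName = 'Warn on macro-enabled Office attachments'   # name chosen for this example

# File types listed in the article.
$macroExtensions = 'dotm', 'docm', 'xlsm', 'sltm', 'xla', 'xlam', 'xll',
                   'pptm', 'potm', 'ppam', 'ppsm', 'sldm'

# Example wording; replace with the warning text your organization wants users to see.
$warning = 'Caution: this message has a macro-enabled Office attachment. ' +
           'Do not open it unless you were expecting it, even if you know the sender.'

# Create the rule only if it is not already present, so the script can be re-run.
if (-not (Get-TransportRule | Where-Object Name -eq $ruleName)) {
    New-TransportRule -Name $ruleName `
        -AttachmentExtensionMatchesWords $macroExtensions `
        -ApplyHtmlDisclaimerLocation Prepend `
        -ApplyHtmlDisclaimerText $warning `
        -ApplyHtmlDisclaimerFallbackAction Wrap
    # Fallback "Wrap": if the warning cannot be inserted into the message body
    # (for example, an encrypted message), the original message is delivered as
    # an attachment inside a new message that carries the warning.
}

# Confirm the rule is enabled and holds the expected conditions.
Get-TransportRule -Identity $ruleName |
    Format-List Name, State, Mode, AttachmentExtensionMatchesWords,
                ApplyHtmlDisclaimerLocation, ApplyHtmlDisclaimerText
```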

Are Your Cloud Accounts Properly Secured?

Leverage IT Group can help your DFW area business with Microsoft 365 security configuration, secure file storage and sharing, and more.

Contact us today to schedule a free consultation. Call (469) 458-0559 or reach us online.
