5 Quick Tips to Improve Microsoft 365 Security

During the midst of the pandemic as more organizations were rapidly moving to cloud productivity tools, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) put out an alert to warn users of rapid Microsoft 365 deployments.

The issue found was that companies were migrating to the cloud platform quickly due to pandemic-related lockdown orders and were often not putting proper security settings into place.

The organization stated, “CISA continues to see instances where entities are not implementing best security practices in regard to their O365 implementation, resulting in increased vulnerability to adversary attacks.”

We’ve found that many organizations suffer from cloud misconfiguration, which means they haven’t put the proper security settings into place on Microsoft 365, or another cloud platform. Companies tend to rely on defaults, which often don’t offer the best level of protection.

If you’re worried that your account may not be as secure as it should be, we have several quick tips below to help you adopt best practices and protect your Microsoft 365 account from being compromised.

1. Enable Alerts for Suspicious Activities

If a hacker breaches an employee account and begins sending tons of phishing emails, it could be a day or two before you realize this is happening. By that time, a lot of damage could be done to your business reputation.

Setting up alerts in Microsoft 365 is simple and it lets your administrator know immediately if there are any signs of trouble with your account so it can be handled immediately.

There are several alerts that you can set up in the Security and Compliance Center in Microsoft 365, here are two that are very helpful:

2. Enable MFA for All Users

Microsoft says that it sees about 300 million fraudulent sign-in attempts on its services each day and that multi-factor authentication (MFA) can stop 99.9% of those attacks. 

This is one of the best account protections you can put in place and you can enable it for all users at the flip of a button.

Once enabled, users will be prompted to set up a device that will be used to send the MFA login code to during login. This code is entered along with the username and password. Even if a hacker gains access to a password, they typically can’t bypass the MFA code requirement.

Links are used far more in phishing attacks these days than file attachments. This is because users aren’t usually as suspicious of links, and also, phishing emails without an attachment and containing only a URL don’t technically contain malware, so they can get past many email filters.

For users with a Microsoft 365 Business Premium account, Safe Links can be enabled in the Security & Compliance Center. 

What this feature does is check links in incoming emails, and if it detects that it links to a malicious site, the link can be disabled.

4. Use One Dedicated Global Administrator Account

The more user accounts you have with administrative privileges in Microsoft 365, the higher the risk for a data breach of a high-level credential. When admin credentials are breached, it’s worse than a standard user, because the hacker will have the ability to change multiple system security settings.

Set up a free dedicated global administrator account and then remove admin account privileges from individual user accounts. Instead, each admin will just sign into the dedicated global admin account and sign back out when finished.

To further enhance the security of this account:

5. Turn Off the Ability to Auto-Forward Email Externally

If a user account is breached, it may not be detected for months if the hacker is just quietly stealing data and not making much noise otherwise. One way they do this is by setting up an auto-forward of the breached account’s email to their own email address.

This can allow them to get password reset notices for other user accounts (banking, etc.) and potentially other sensitive and confidential company data.

You can block this capability by setting up a mail flow rule:

Auto-forward blocking rule parameters:

Get Help Securing Your Cloud Accounts Today!

Don’t leave Microsoft 365 or other cloud platforms with misconfigured security settings. Digital Crisis can help your Houston area business to secure your cloud data and accounts. 

Contact us today to schedule a consultation. Call 713-965-7200 or reach us online.

What You Need to Know About Impending Loss of Support for Internet Explorer 11

They say the only constant is change, and that’s never been more true than when you’re dealing with technology.

Operating systems, hardware, and software continue to evolve, making it necessary to upgrade and leave behind tools and cloud solutions that you may have been using for years. 

One of the long-time browsers that have been a mainstay in offices forever is soon due for retirement.

While Internet Explorer may not yet have reached its end of life, it is losing support from a major platform very soon. Microsoft 365 will no longer support the browser in less than a year and Teams will no longer support it in less than a month.

IE has been around since 1995, but when Microsoft brought out its new Edge browser in 2015, the writing was on the wall for Internet Explorer. For any offices that are still using the browser, now is the time to migrate your workflows to a new one.

Important Internet Explorer 11 Phase Out Dates

Before we go through the pertinent dates that you need to know, let’s discuss what “losing support” means.

Does it mean that suddenly Microsoft 365 applications will stop working in Internet Explorer 11? 

Yes, that could be the case for some of them, for others, you may experience a degraded experience.

What that means, according to Microsoft, is that some new features may not be available when using any of the Microsoft 365 apps in IE11. It could also mean that features that used to work, no longer work. 

The bottom line is that after each of the two phaseout dates, you don’t want to be using Teams or Microsoft 365 in Internet Explorer at all, and you want to have another browser that is supported in place.

Microsoft Teams Stops Supporting Internet Explorer 11 (11/30/2020)

IE 11 will lose support from Microsoft Teams on November 30, 2020. This could seriously impact a remote team who can no longer connect if you’re not prepared. 

It can also cause problems with people not being able to get on Teams video calls if they’re using Internet Explorer.

If your office uses Teams for online meetings, now is a good time to make sure everyone has a supported browser (Edge, Chrome, Safari) and that you make a note on your meeting invites about the loss of Teams support for IE 11.

Microsoft 365 Stops Supporting Internet Explorer 11 (8/17/2021)

For the rest of the Microsoft 365 family, you have until August 17, 2021, before you can no longer use those apps effectively in IE 11. This would impact vital apps like Outlook, Word, Excel, OneDrive, and others.

It’s important to plan a migration well ahead of August so that your team’s workflow isn’t disrupted by everyone having problems on the loss of support date.

Browser Upgrade Options

You have several upgrade options for moving workflows from IE into something else. You will want to check each to make sure other cloud tools you use are compatible.

Here is a rundown of each browser option.

Microsoft Edge

This is the smoothest transition since you’ll be going from one Microsoft browser to another. 

Edge’s Chromium upgrade earlier this year made the browser much faster. It also has excellent security options.

Make sure NOT to upgrade to Edge Legacy (the non-Chromium version) because it’s reaching end of life on 3/9/2021.

Microsoft Edge also has an IE Mode that will allow users to open specific IE legacy sites in IE on Edge, so they don’t have to have a two-browser workflow.

Google Chrome

Google Chrome is the most popular browser in the world, with about 66% of the internet browser market share.

Because of its popularity, it is the most supported as far as browser extensions and cloud software.

Two issues to consider is that Chrome tends to be a memory hog, and some people worry about its security since Google’s main business is selling online advertising.

Safari

Safari is Apple’s native browser on Mac products. While it works great on iMacs, MacBooks, iPads, and iPhones, it’s no longer supported on Windows. This means you could only download an older non-supported version on Windows, which would not be a good idea for IT security.

Safari also has a problem with certain web forms not working in the browser.

Firefox

Firefox is also supported by Microsoft 365, however, not all Teams features will work in this browser. So, it’s not recommended if you use MS Teams, but okay if you only use the other apps in Microsoft 365.

Firefox is seen as being more secure than Chrome but also tends to hog system memory resources.

Ensure Your Upgrades and Migrations Go Smoothly

Migrations mean that data needs to be transferred from an old app to a new one. Digital Crisis can help your Houston area business migrate to a new browser, software, or computer smoothly and with no data lost in the process. 

Contact us today to schedule a consultation. Call 713-965-7200 or reach us online.