How to Make Your Office 365 Email More Secure
4 Easy Steps to Enhance the Security of your Company's Email


Email remains the primary point of entry for hackers seeking to breach your organization’s network. But most small businesses simply do not have the resources to properly hire a dedicated email security specialist. If your business uses Microsoft Office 365, these four steps are easy to implement and can drastically improve the security of your email.

# 1 Set up Multi-Factor Authentication

Why it’s important?

Your employee’s personal account was hacked. You feel for them, but as far as your company’s security goes, it’s not your problem, right? Think again. If your employee uses the same password to access your company’s network as the password that was stolen from their personal account, cybercriminals might be able to breach your network.

How multi-factor authentication keeps your network safe

Multi-factor authentication requires your employees to provide at least two pieces of evidence to verify their identity. For example, if someone is logging into your network on a new device, that person will have to confirm their identity by responding to an email or text message (in addition to providing their network password). Requiring at least two steps with multi-factor authentication will help you prevent hackers from breaching your network with stolen log-in credentials.

You should also force your employees to access your network with Single Sign-On. Single Sign-On is an authentication method that allows users to securely authenticate with multiple applications and websites by using just one set of log-in credentials. Using Single Sign-On allows you to enforce stricter password requirements (and makes your employees’ lives easier by eliminating the need to remember multiple passwords for different applications).

# 2 Use a Dedicated Administrative Account

Why it’s important?

One word: Ransomware. You’ve heard the horror stories. Business owners at the mercy of cybercriminals who have taken a company’s network hostage. All your important documents. Your clients’ sensitive personal information.

Imagine being locked out of your own network and having this data in the hands of a hacker…your business operations ground to a halt. It’s no wonder cyber-insurance premiums are on the rise.

Secure your global administrative account

Your administrative account is the holy grail for cybercriminals. By gaining access to your administrative account, a hacker can quickly take control of your entire network. Using multi-factor authentication for your administrative account is a good first step, but an account of this importance requires additional security controls. Set up a separate, dedicated administrative account with log-in credentials that are different from all your other user accounts. A dedicated administrative account greatly reduces the threat of this important account falling into the wrong hands.

# 3 Zero Trust – Always Assume Your Employees Will Click the Bad Link

Why it’s important?

Murphy’s law. Anything that can go wrong, will go wrong. Phishing schemes are becoming more sophisticated than ever. Train your employees to understand phishing attacks but prepare your business for a world where your employees click on the bad links.

How to mitigate this risk?

Screen emails, links and attachments in a sandbox server that is disconnected from your primary network. Microsoft’s “Safe Attachments” provides an additional layer of protection by using a virtual environment to check attachments in email messages before they are delivered to recipients (a process known as detonation). You should also make sure that Windows’ built-in administrator account is turned off on your users’ local desktops.

# 4 Establish alerts to monitor suspicious activity more effectively

Why it’s important?

The best offense is a good defense. Setting up a robust monitoring system can help you detect threats before a breach.

What you should monitor?

  • Administrative changes
  • New user creation
  • Forwarding rules (Stop auto-forwarding for email)
  • Data loss protection
  • Failed login attempts
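
One way to turn the monitoring list above into concrete checks, as an added example that is not part of the original article: a short Python pass over audit records exported as JSON lines, using Microsoft 365 audit log operation names. The records are constructed samples; the domain `example.com`, the failure threshold and the function names are assumptions, and data loss protection is left out because it is driven by policy rather than a single audit event.

```python
import json
from collections import Counter

INTERNAL_DOMAIN = "example.com"  # assumption: the tenant's own mail domain
FAILED_LOGIN_THRESHOLD = 3       # assumption: failures per user before alerting
FORWARD_PARAMS = {"ForwardTo", "RedirectTo", "ForwardAsAttachmentTo",
                  "ForwardingSmtpAddress"}
# Constructed sample records, one JSON object per line, reduced to the fields used.
SAMPLE_LOG = """\
{"Operation":"UserLoginFailed","UserId":"pat@example.com"}
{"Operation":"UserLoginFailed","UserId":"pat@example.com"}
{"Operation":"Add user.","UserId":"admin@example.com"}
{"Operation":"Add member to role.","UserId":"admin@example.com"}
{"Operation":"UserLoginFailed","UserId":"pat@example.com"}
{"Operation":"New-InboxRule","UserId":"sam@example.com","Parameters":[{"Name":"ForwardTo","Value":"smtp:archive@external.example"}]}
{"Operation":"Set-Mailbox","UserId":"lee@example.com","Parameters":[{"Name":"ForwardingSmtpAddress","Value":"smtp:team@example.com"}]}
"""

def external_forward_target(record):
    """Return the first forwarding address outside INTERNAL_DOMAIN, else None."""
    for param in record.get("Parameters", []):
        if param["Name"] in FORWARD_PARAMS:
            for addr in param["Value"].lower().replace("smtp:", "").split(";"):
                if addr and not addr.endswith("@" + INTERNAL_DOMAIN):
                    return addr
    return None

def find_alerts(lines):
    """Map audit records onto the monitoring list: (alert_kind, detail) tuples."""
    alerts, failures = [], Counter()
    for line in filter(str.strip, lines):
        rec = json.loads(line)
        op, user = rec["Operation"], rec["UserId"]  # UserId is the acting account
        if op == "Add member to role.":            # administrative change
            alerts.append(("admin_change", user))
        elif op == "Add user.":                    # new user creation
            alerts.append(("new_user", user))
        elif op in ("New-InboxRule", "Set-InboxRule", "Set-Mailbox"):
            target = external_forward_target(rec)  # forwarding rule
            if target:
                alerts.append(("external_forward", f"{user} -> {target}"))
        elif op == "UserLoginFailed":              # failed login attempts
            failures[user] += 1
            if failures[user] == FAILED_LOGIN_THRESHOLD:  # alert once per user
                alerts.append(("failed_logins", user))
    return alerts

if __name__ == "__main__":
    print(*find_alerts(SAMPLE_LOG.splitlines()), sep="\n")
```

Forwarding to an address inside the tenant's own domain is deliberately not flagged, and a user who keeps failing after the threshold produces one alert rather than one per attempt.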

Last but not least, be sure to train your employees. Your employees are on the front lines and act as your first line of defense. The better prepared and educated your employees are, the safer your network is. Regularly send test “phishing” emails to your employees and give users an easy button to flag suspicious emails. Set aside ten minutes each month to provide them with tips and tricks to improve efficiency (and cybersecurity).

Educated employee, safer network. Not quite as catchy as happy wife, happy life…but you get the point.

Edmond Niu

SWE Intern @ Rilla | CS @ Duke University

3 years

This is crucial information! I learned a lot!
