Tech Tips & Tricks – Microsoft 365 Security

Today, we begin to explore some ways to improve upon the security and usability of Microsoft 365.

Many organizations use Microsoft 365 services for e-mail, file access in the cloud, and to gain access to the latest Microsoft Office software. This becomes a trove of useful data for the business over time.

Microsoft 365 Logo

For many businesses, it’s normal to need to acquire and keep confidential data from its customers. Where there is confidential data, there are data security risks. Here are some best-practices to reduce this risk to your business and customer data.

  • Always use Multi-Factor Authentication (MFA) for your Microsoft 365 accounts. This requires the bad guys to have not only your account password, but access to your phone or other device to gain access.
  • Separate administration functionality from your primary account by creating a secondary account. The secondary account does not need a paid license, but does need to be protected by MFA.
  • Make use of data governance and compliance tools to keep track of important data, such as social security numbers, credit cards, PID, etc.
  • Configure Alerts for PID (Personally Identifiable Data) access and ATP (Advanced Threat Protection) such as phishing attack attempts to your users.
  • Provide end user training, particularly around Security Awareness.
  • Prohibit auto-forwarding mail to limit data leakage.

Resource: Top Ten Ways to Secure Microsoft 365 Business Plans


Did you know that Jurrens & Associates offers Microsoft 365 security assessments, planning and implementation? If you’re concerned about your data security, or want to learn more about how Microsoft 365 can help you and your organization work from anywhere, please reach out to us!