You are currently viewing Expand Your Knowledge on Microsoft Security

Expand Your Knowledge on Microsoft Security

Microsoft 365, as a service, contains numerous administration portals, options, and configuration settings centered on security. Azure Active Directory for Authentication is utilized to protect each service while each application grants authorization for users to access the apps themselves and the content within them. However, it should be noted that the human element of teaching and guiding users to comprehend the restrictions and what they can be doing to help minimize security threats should not be ignored. To say this a different way, enabling features and controls is not enough. Luckily, security within Microsoft 365 goes well beyond that with Organization Security, which adds end-user training and guidance to robust security controls and protection.

Microsoft 365’s organizational license includes five fundamental security features and controls which reside within Azure Active Directory, at no additional cost.

  • Enforcement of Azure multi-factor authentication registration for all users
  • Multi-factor authentication requirement for administrators
  • Multi-factor authentication requirement for all users
  • Blocking of insecure legacy authentication protocols
  • Privilege access protection

As an organization, you must factor in the level of risk you are willing to accept when deciding which security protections you will utilize. Why? Because tinkering with the security defaults will do just that… fluctuate the risk you will be taking on. It has been widely accepted that the best practice is to deploy a combination of controls, features, services, and products. This will help your organization achieve a stronger security posture long-term, since there is no singular configuration of security features or controls that can meet every organizational need. More granular control and protections that can cater to your organization’s unique configuration is made possible by the hierarchical security features of Microsoft 365. At the top is Microsoft’s overall service level, followed by the tenant level which has a core emphasis on authentication and authorization — specific to your organization. Finally, are all the features which reside in each application and component. The ability to tailor settings to meet the unique needs and requirements of your organization, as well as the level of risk you are willing to accept gives this design an advantage over the sole use of default security settings.

The unified pre- and post-breach enterprise defense suite, Microsoft 365 Defender, is another tool Microsoft has developed to keep your organization protected. Integrated protection against sophisticated attacks is made possible by natively coordinating detection, prevention, investigation, and response across applications, identities, email, and endpoints. Security professionals can leverage the Microsoft 365 Defender solution to stitch together the threat signals received in order to better understand the scope and severity of the threat. Information on how the threat entered the environment, what it’s affected, and the current impact on the organization can also be determined. Automatically, action takes place to prevent or stop the attack and self-heal any endpoints, user identities, and mailboxes that have been impacted. The Microsoft 365 Defender portal provides a cross-product single pane of glass. This allows for all information on detections, impacted assets, automated actions taken, and related evidence to be placed in a single queue and a single pane, allowing for a user-friendly central view. Quick access to information, simplified layouts, and ease of use fostered by the aggregation of related information is emphasized by Microsoft to optimize the usability and benefits of the 365 Defender portal.

Microsoft 365 Defender has you covered with a large array of services including Defender for Endpoint, Defender for Office 365, Defender for Identity, Azure Active Directory Identity protection, and Defender for Cloud Apps. A special cross-product layer augmentation of the individual service components is deployed by Microsoft 365 Defender to accomplish several important tasks. For one, signal sharing and automated actions work to protect against attacks and develop defense responses across services. Additionally, the combination of data on alerts, suspicious events, and impacted assets into ‘incidents’ helps tell the full story of the attack for security teams across product alerts, behaviors, and context. Self-healing for impacted assets through automated remediation can also be achieved when triggered in the event of a compromise. Finally, security teams are enabled to conduct detailed and effective threat hunting spanning endpoint and Office data thanks to the cross-product layer augmentation from Microsoft 365 Defender.

The ability to classify and protect your organization’s data, while also ensuring that ease of collaboration and user productivity aren’t negatively impacted, is made possible with sensitivity labels from the Microsoft Information Protection solution. Why is there a need for these sensitivity labels? Well, now more than ever people are collaborating with others both inside and outside the organization. Content can roam everywhere, across devices, apps, and services; no longer staying behind a firewall. Roaming content comes with an increased risk so your organization will want to take steps to make sure content is shared in a secure and protected way that aligns with your organization’s business and compliance policies.

Sensitivity labels act as a stamp applied to assigned content. These labels are customizable, clear text, persistent, and easily integrated into user’s existing workflows. A single sensitivity label can be applied to each item that supports them and will appear like a tag on user apps. Both a retention label and sensitivity label can be placed on documents and emails.

Any configured protection settings for labels can be enforced on the content when a sensitivity label is applied to an email or document. For instance, emails and documents can be encrypted to prevent unauthorized people from accessing data. Permissions to perform specific actions for a specified amount of time can be granted to certain users or groups. When you use Office apps, content can be marked by adding watermarks, headers, or footers to emails or documents that the label has been applied to. Also, when you enable the function to use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites you will be protecting content in containers including sites and groups. Finally, labels have the capability to be applied automatically to emails and files. You can also recommend a label.

ACP CreativIT offers Microsoft experts who would be happy to help your organization better understand the security features and settings available within Microsoft 365. Talk to one of our experts today at or visit our website here.


Source one: click here

Source two: click here

Source three: click here