a group of people looking at a laptop
Read Time, 5 min.

In times like these, cyber security may not be at the top of our priority lists. But it’s important to be aware of the threats that switching from on-premises to remote working conditions pose to organizations across the world.

As we seek to rapidly deploy cloud-based collaboration services to help professionals work from home, we may lose sight of the security threats that can accompany this shift. Your chosen applications may have a limited set of security controls.

How you can boost security today

Without additional security controls, you rely on user awareness to prevent impactful mistakes and on targeted monitoring with whatever logs are available. This is not an ideal situation.

But in the Microsoft cloud, the gatekeeper for all cloud security-related things is Azure Active Directory (Azure AD). And it makes sense to focus efforts there first, even if the collaboration service you wish to provide your users is not from Microsoft. Then, once you have established secure access, it really depends on the chosen solution as to which controls are available. So, being aware of what’s in the box is important.

In this article, we will list some of the security controls available to our customers. All with the goal of helping you to bolster security quickly – while reducing the impact on productivity.

Security defaults – Azure Active Directory

For Azure AD, we recently introduced security defaults. These fall under the category of what we feel are the most basic and yet the most important controls to consider. These defaults help you enforce multi-factor authentication (MFA) for administrative accounts and then give you the option of enabling the Microsoft Authenticator mobile app for users. Note that it is not granular, so it will either be on or off (by user state). However, you can give users the option to ‘remember my device’ to reduce the amount of times they are asked to perform 2-step authentication.

To see what the configuration and user experiences look like before you start configuring, take a look at this video one of my colleagues made.

a screenshot

Azure security

Security defaults in Azure AD make it easier to be secure and help protect your organization because they contain preconfigured security settings for common attacks.

These are configurable controls on top of our platform in the area of accounts and identities. Read about the shared responsibilities model to understand which security tasks are handled by Microsoft as the cloud provider and which tasks are handled by you.

If there’s nothing else you can do, the above is a strong starting point. If your organization has access to Premium features in Azure AD, it is definitely advisable to use those as they provide you with additional options that greatly increase account security, as well as offering more fine-grain controls that increase usability.

Powerful quick wins with Office 365 and Microsoft Teams

So, let’s talk about what we can do for Microsoft’s collaboration platform, Office 365. This includes Microsoft Teams. In fact, Microsoft is currently offering an extended trial to support remote workers using Microsoft Teams. Since these workloads are connected to Azure AD, the controls mentioned above also apply.

Our Enterprise Cybersecurity Architects Mark Simos and Matt Kemelhar provided the input for our Office 365 Security Roadmap. This roadmap contains a prioritized overview of recommended security configurations and practices and gives you a clear path of where to focus.

While we strive to achieve as much as possible in the long-term, some of the best first steps to take can be found here: 30 days – powerful quick wins.

Microsoft Secure Score

When it comes to security, it’s increasingly difficult to know what you should be doing first or next. There are a multitude of considerations around information protection, security management, security monitoring and so on – and we certainly don’t recommend taking any shortcuts around these areas.

This is where Microsoft Secure Score – free for all customers – can help.

By following your Security Score recommendations, you can protect your organization from threats. From a centralized dashboard in the Microsoft 365 security center, you can monitor and work on the security of your Microsoft 365 identities, data, apps, devices and infrastructure.

Secure Score gives you a way to improve your security posture in a structured way by providing visibility and actionable recommendations. Security posture management is a complex topic for any organization. And if you want to enable continuous security posture improvement (which you do!) – you’ll need to make sure it’s well rooted in your organization.

So, even though this article started with recommendations to cover the basics quickly, we’ve seen there’s always something more to do. Microsoft Secure Score is an excellent tool for you to work on your organization’s security posture. It’s free to use, and a great starting point.

Find out more about multifactor authentication (MFA)

As mentioned above, MFA is a vital piece of the security puzzle. By requiring multiple forms of verification to prove identity when signing into an application, MFA can immediately help secure your business against breaches. And with Azure AD, you can enable MFA at no extra cost.

Click here to find out more about boosting security with MFA.

Enable remote working with Zero Trust security

Understanding “Zero Trust” security and how companies can build cloud strategies around it is crucial as staff increasingly is work remotely.

With a Zero Trust model, instead of assuming everything behind your corporate firewall is safe, you assume breach and verify each request as though it originates from an open network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches you to ‘never trust, always verify.’

Click here to find out more about Zero Trust security.

Enable multi-factor authentication for free

Help secure your organization with just one step

Discover more related articles per industry:

Education

  • A group of students in front of a school

    PCOU Willibrord uses smart automation to define the future of education

    “It’s all about teaching and giving time to the educators, so they can give time to the students. If we can make IT simple, that’s my purpose, my thing.” Peter Schep, ICT Manager at PCOU Willibrord Foundation, explains why he believes efficient IT is central to the learning and development of both educators and students. […]

  • Cloud

    A guide to GDPR for universities

    With the EU’s new General Data Protection Regulation coming into effect on May 25, understand how universities like yours can take the right steps towards compliance with this free eBook – and other useful resources. Your university on a journey on a journey Your university is on a journey with lots of ‘data subjects’. They’re […]

Government

  • a man and two women standing in front of a brick building

    Ajuntament de Lleida: transforming the public sector with a modern, virtual workplace

    “At Ajuntament de Lleida, we think differently. We embrace new technology. And when we see that it could add real value to the work we do, we find a way to make it happen.” Carles GinéSabaté, Systems Implementation Planning Manager at Ajuntament de Lleida, is reflecting on his organization’s open-armed approach to digital transformation and […]

  • How VR Group is using automation to secure Finland’s railways

    How VR Group is using automation to secure Finland’s railways

    “Being at the helm of a critical piece of infrastructure, we have a huge responsibility towards our partners and clients. That’s why safety and security are crucial elements of what we do and how we operate.” Mikke Maronen, CISO at Finnish railway company VR Group, is talking about the importance of protecting his business from […]

Healthcare

  • A smiling man wearing glasses looking at the camera

    HUS: sharing data securely to make life-saving decisions

    Illnesses and diseases don’t often play fair – an unfortunate truth that was proved by the COVID-19 outbreak in early 2020, heavily hitting healthcare organizations with challenges the world hadn’t seen in a century. Hospitals needed a rapid response to reduce spreading the virus without affecting patient care. A high-pressure situation for any institution, but […]

  • a person preparing food in a kitchen

    Humanitas-DMH: empowering key workers with a secure digital support

    “Our goal is to create an environment where people with mental disabilities can feel safe, secure and happy.” Marcella van Kraaij, Digital Transformation Advisor at Dutch healthcare provider Humanitas-DMH, is discussing her organization’s key objectives – and how the technology her team recently adopted is helping it to achieve them. Every day, the carers and […]

Manufacturing

  • a woman smiling for the camera

    Etex Group: Future-proofing employees to work anywhere across the world

    When COVID-19 spread across Europe in early 2020, businesses entered a new digitally-dependent age. Social distancing measures had asked offices of all shapes and sizes to close their doors, sparking organizations to quickly find other virtual ways for colleagues to meet and collaborate remotely. But for Belgium building material specialist Etex, this was a step they were ready for – having already implemented a cloud-based infrastructure and collaboration tools […]

  • Mais on a sunny day

    COFCO International: How cloud technologies ensured business continuity during challenging times

    “I have worked at COFCO for 12 years, always in an office. But I have spent the last 63 days working from home.” Marcus Seelbach, Chief HR Officer at global agribusiness COFCO International, is talking from his home via video call about the transition he and all his colleagues have undergone since COVID-19 led to the closure of the company’s offices worldwide. “But thanks to the preparation and […]

Retail

  • Picture from the back of a person attending a Teams meeting with 2 colleagues, discussing about a furniture fabric.

    Zuiver: Supporting both business and culture through technology

    “Since moving to the cloud, there are no limitations anymore. And I’m certain without this technology, we would not have seen the growth we have today.” Jaap Landsaat, CFO and Head of IT at Dutch furniture designer Zuiver, is talking about the profound impact technology has had on the business he co-founded more than 20 years ago. “Back then, we had 100 orders a week […]

  • HeadBrands is ready for the future with Microsoft 365 Business

    HeadBrands is ready for the future with Microsoft 365 Business

    Since its creation in 2010, HeadBrands has continued to grow, rapidly becoming the leading retailer of hairdressing products in Scandinavia. HeadBrands needed a modern IT solution to increase its business productivity and improve collaboration, both within the company and externally. Its response to this challenge was to replace most of its previous services with Microsoft […]

Discover more related articles per dossier:

Customer Stories

  • Helping Swedish leaders succeed with modern workplace solutions

    Helping Swedish leaders succeed with modern workplace solutions

    A lack of consistency will always make business more difficult. Ledarna, a trade union serving executives across Sweden, discovered this as its employee numbers swelled to over 170. Shifting from legacy tools and systems helped the company to streamline its processes and enhance collaboration, not to mention boosting security and opening up new opportunities for […]

Digital Transformation

  • a person sitting in front of a laptop computer

    The ‘Big Bang’ approach to digital transformation – and how to make it work

    These days there’s no such thing as ‘business as usual’. Change and disruption are the new normal. Just think of the changes affecting your organization right now, with new technology and techniques driving new attitudes and expectations from employees and customers alike. Everything is changing. And the one thing all those changes have in common […]

Security & Privacy

Tips