But in the Microsoft cloud, the gatekeeper for all cloud security-related things is Azure Active Directory (Azure AD). And it makes sense to focus efforts there first, even if the collaboration service you wish to provide your users is not from Microsoft. Then, once you have established secure access, it really depends on the chosen solution as to which controls are available. So, being aware of what\u2019s in the box is important.<\/p>\n
In this article, we will list some of the security controls available to our customers. All with the goal of helping you to bolster security quickly \u2013 while reducing the impact on productivity.<\/p>\n
Security defaults – Azure Active Directory<\/h2>\n
For Azure AD, we recently introduced security defaults<\/a>. These fall under the category of what we feel are the most basic and yet the most important controls to consider. These defaults help you enforce multi-factor authentication<\/a> (MFA) for administrative accounts and then give you the option of enabling the Microsoft Authenticator mobile app for users. Note that it is not granular, so it will either be on or off (by user state<\/a>). However, you can give users the option to \u2018remember my device\u2019 to reduce the amount of times they are asked to perform 2-step authentication.<\/p>\n To see what the configuration and user experiences look like before you start configuring, take a look at this video one of my colleagues made<\/a>.<\/p>\n Azure security<\/p><\/div>\n Security defaults in Azure AD make it easier to be secure and help protect your organization because they contain preconfigured security settings for common attacks.<\/p>\n These are configurable controls on top of our platform in the area of accounts and identities. Read about the\u202fshared responsibilities model<\/a>\u202fto understand which security tasks are handled by Microsoft as the cloud provider and which tasks are handled by you.<\/p>\n If there\u2019s nothing else you can do, the above is a strong starting point. If your organization has access to Premium features in Azure AD, it is definitely advisable to use those as they provide you with additional options that greatly increase account security, as well as offering more fine-grain controls that increase usability.<\/p>\n So, let’s talk about what we can do for Microsoft’s collaboration platform, Office 365. This includes Microsoft Teams. In fact, Microsoft is currently offering an extended trial<\/a> to support remote workers using Microsoft Teams<\/a>. Since these workloads are connected to Azure AD, the controls mentioned above also apply.<\/p>\n Our Enterprise Cybersecurity Architects Mark Simos and Matt Kemelhar provided the input for our Office 365 Security Roadmap. This roadmap contains a prioritized overview of recommended security configurations and practices and gives you a clear path of where to focus.<\/p>\n While we strive to achieve as much as possible in the long-term, some of the best first steps to take can be found here:\u202f30 days \u2013 powerful quick wins<\/a>.<\/p>\n When it comes to security, it’s increasingly difficult to know what you should be doing first or next. There are a multitude of considerations around information protection, security management, security monitoring and so on \u2013 and we certainly don\u2019t recommend taking any shortcuts around these areas.<\/p>\n This is where Microsoft Secure Score<\/a> \u2013 free for all customers \u2013 can help.<\/p>\n By following your Security Score recommendations, you can protect your organization from threats. From a centralized dashboard in the Microsoft 365 security center, you can monitor and work on the security of your Microsoft 365 identities, data, apps, devices and infrastructure.<\/p>\n Secure Score gives you a way to improve your security posture in a structured way by providing visibility and actionable recommendations. Security posture management is a complex topic for any organization. And if you want to enable continuous security posture improvement (which you do!) \u2013 you\u2019ll need to make sure it\u2019s\u202fwell rooted in your organization<\/a>.<\/p>\n So, even though this article started with recommendations to cover the basics quickly, we\u2019ve seen there\u2019s always something more to do. Microsoft Secure Score is an excellent tool for you to work on your organization\u2019s security posture. It\u2019s free to use, and a great starting point.<\/p>\n As mentioned above, MFA is a vital piece of the security puzzle. By requiring multiple forms of verification to prove identity when signing into an application, MFA can immediately help secure your business against breaches. And with Azure AD, you can enable MFA at no extra cost.<\/p>\n Click here<\/a> to find out more about boosting security with MFA.<\/p>\n Understanding “Zero Trust” security and how companies can build cloud strategies around it is crucial as staff increasingly is work remotely.<\/p>\n![\"a](\"https:\/\/pulse.microsoft.com\/uploads\/prod\/2020\/03\/Azure_Security.jpg\")
Powerful quick wins with Office 365 and Microsoft Teams<\/h2>\n
Microsoft Secure Score<\/h2>\n
Find out more about multifactor authentication (MFA)<\/h2>\n
Enable remote working with Zero Trust security<\/h2>\n