There are many reasons why so many organizations have moved to the cloud in the last few years alone—from reduced IT costs and improved scalability to greater flexibility of work practices.
Microsoft 365, formerly Office 365, is now the cloud-based collaboration solution of choice for many of those who have previous experience with Microsoft’s software portfolio. But just because Microsoft 365 is popular and familiar doesn’t mean that its security can be taken for granted.
There are certain best practices that all organizations should put on their Microsoft 365 cybersecurity checklists, and this article describes those that you absolutely need to know about.
1. Review Your Microsoft 365 Secure Score
One thing that’s great about Microsoft 365 is that you can instantly see a summary of your cybersecurity posture thanks to the Secure Score rating, which is displayed in the Microsoft 365 Defender portal.
The Secure Score rating is a representation of your organization’s security posture, and your opportunity to improve it. It reflects the collective security state of your identities, data, devices, apps, and infrastructure.
Microsoft even provides specific recommendations that can be addressed by configuring recommended security features, using a third-party application or software, or by performing security-related tasks.
2. Set Up Multi-Factor Authentication
Multi-factor authentication is one of the most effective layers of protection that you can enable to protect your organization. According to Microsoft, it can block 99.9 percent of attacks on your accounts, and turning it on is straightforward:
- Open the Microsoft 365 admin center.
- Click the Show all button.
- Select the Azure Active Directory Admin Center.
- Navigate to the Azure Active Directory tab > Properties > Manage Security defaults.
- Select Yes under Enable Security defaults and then click the Save button.
The next time you and your employees sign in to Microsoft 365, you will be instructed to configure smartphone-based authentication.
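The same change can be scripted and verified instead of clicked through. The following is an added example, not from the original article: it enables Security Defaults with Microsoft Graph PowerShell, after first checking for the one condition that makes the update fail. It assumes the Microsoft.Graph module is installed and that the signed-in account can consent to the Policy.Read.All and Policy.ReadWrite.ConditionalAccess scopes.

```powershell
# Added example (not from the article): enable Security Defaults via Microsoft Graph PowerShell.
# Assumes the Microsoft.Graph module and an account that can be granted the two scopes below.
Connect-MgGraph -Scopes "Policy.Read.All", "Policy.ReadWrite.ConditionalAccess"

# Record the current state first so the change is traceable in your own change log.
$before = Get-MgPolicyIdentitySecurityDefaultEnforcementPolicy
Write-Host "Security Defaults enabled before change: $($before.IsEnabled)"

# Security Defaults and enabled Conditional Access policies are mutually exclusive; the update
# fails if any Conditional Access policy is switched on, so check first and stop cleanly.
$enabledCa = Get-MgIdentityConditionalAccessPolicy | Where-Object { $_.State -eq "enabled" }
if ($enabledCa) {
    Write-Warning ("Conditional Access policies are enabled; disable them or enforce MFA through " +
                   "Conditional Access instead: " + ($enabledCa.DisplayName -join ", "))
    Disconnect-MgGraph
    return
}

if (-not $before.IsEnabled) {
    Update-MgPolicyIdentitySecurityDefaultEnforcementPolicy -BodyParameter @{ isEnabled = $true }
}

# Re-read the policy rather than trusting the call; the tenant's actual state is what matters.
$after = Get-MgPolicyIdentitySecurityDefaultEnforcementPolicy
Write-Host "Security Defaults enabled after change:  $($after.IsEnabled)"

Disconnect-MgGraph
```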
3. Give Administrators Dedicated Admin Accounts
Microsoft 365 administrators have tremendous power, so it’s important to take some steps to keep their power under control.
You should start by giving each administrator a dedicated admin account and a separate user account. The idea is to use the admin account only for administrative tasks and the user account for everything else.
Administrators should be required to close all unrelated apps and browser tabs before using their admin accounts, and to sign out of those accounts as soon as the administrative work is complete.
4. Take Advantage of Microsoft Defender for Business
All users of Microsoft 365 enjoy multiple layers of malware protection by default.
Since March 1, 2022, small and medium-sized businesses with up to 300 users can take advantage of Microsoft 365 Business Premium, which brings together comprehensive security capabilities provided by Microsoft Defender for Business with collaboration tools in one package.
In addition to strong antivirus and anti-malware protection, Microsoft 365 Business Premium includes next-generation protection, firewall protection, and web content filtering, among other cybersecurity capabilities.
5. Reduce Phishing Risk With Safe Links and Attachments Policies
According to Verizon, phishing was responsible for more than 80 percent of reported security incidents in 2020. Cybercriminals love to go phishing because this relatively low-cost cyber attack exploits the weakest link in the cybersecurity chain: humans.
A single email message with a malicious link or attachment can easily lead to a large data breach—all it takes is for Microsoft 365 users to not realize that they’re being phished.
Fortunately, Microsoft 365 comes with two useful features, called Safe Links and Safe Attachments, that can be manually enabled to help users avoid phishing threats. You can also turn on the Common Attachments Filter to block certain file types, such as executables, from reaching Microsoft 365 users.
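The three features above can be turned on together from Exchange Online PowerShell. This is an added example, not the article's own material: it creates a Safe Links policy, a Safe Attachments policy, scopes both to one recipient domain, and enables the Common Attachments Filter on the default anti-malware policy. It assumes the ExchangeOnlineManagement module, a license that includes Microsoft Defender for Office 365, and the placeholder domain contoso.example; the policy names and the blocked file-type list are our own choices.

```powershell
# Added example (not from the article): enable Safe Links, Safe Attachments and the
# Common Attachments Filter. Assumes ExchangeOnlineManagement and a Defender for Office 365 license.
Connect-ExchangeOnline

$domain = "contoso.example"   # placeholder: replace with your accepted domain

# Safe Links: rewrite and scan URLs at click time, hold delivery until scanning finishes,
# cover Teams and Office apps as well as mail, and do not let users click through warnings.
New-SafeLinksPolicy -Name "Checklist Safe Links" `
    -EnableSafeLinksForEmail $true -EnableSafeLinksForTeams $true -EnableSafeLinksForOffice $true `
    -ScanUrls $true -DeliverMessageAfterScan $true -EnableForInternalSenders $true `
    -AllowClickThrough $false -TrackClicks $true
New-SafeLinksRule -Name "Checklist Safe Links" -SafeLinksPolicy "Checklist Safe Links" `
    -RecipientDomainIs $domain

# Safe Attachments: detonate attachments in a sandbox and block the whole message on a detection.
New-SafeAttachmentPolicy -Name "Checklist Safe Attachments" -Enable $true -Action Block -Redirect $false
New-SafeAttachmentRule -Name "Checklist Safe Attachments" -SafeAttachmentPolicy "Checklist Safe Attachments" `
    -RecipientDomainIs $domain

# Common Attachments Filter on the default anti-malware policy: reject executable and script
# attachments by extension before any content scanning is even needed.
$blockedTypes = @("exe", "scr", "com", "pif", "bat", "cmd", "js", "jse", "vbs", "vbe", "wsf", "wsh", "hta", "ps1")
Set-MalwareFilterPolicy -Identity Default -EnableFileFilter $true -FileTypes $blockedTypes

# Verify what was applied instead of assuming the cmdlets succeeded.
Get-SafeLinksPolicy -Identity "Checklist Safe Links" | Format-List Name, ScanUrls, AllowClickThrough
Get-SafeAttachmentPolicy -Identity "Checklist Safe Attachments" | Format-List Name, Enable, Action
Get-MalwareFilterPolicy -Identity Default | Format-List EnableFileFilter, FileTypes

Disconnect-ExchangeOnline -Confirm:$false
```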
6. Protect Outgoing Emails from Unauthorized Third Parties
Email wasn’t designed with security in mind because its early users were academics who knew and trusted one another. Over the years, however, it has evolved to become the main communication channel of the business world, and it’s now used by virtually all organizations for internal and external communication alike.
With Microsoft 365, you can protect sensitive emails by encrypting your messages and setting permissions on them. That way, only their intended recipients will be able to read them.
Encrypted messages can be sent directly from Outlook by opening the Options menu and choosing the encryption and permission level from the Encrypt dropdown menu. What’s great about this feature is that it also works with non-Microsoft email clients and email accounts.
7. Provide Cybersecurity Training for Employees
As we’ve already mentioned in this article, humans are the weakest link in the cybersecurity chain, so it’s well worth the effort to strengthen it directly by providing employees with Microsoft 365-specific cybersecurity training.
Employees should be educated about Microsoft 365 phishing attacks, the importance of multi-factor authentication, email encryption, and other important topics.
Since Microsoft is adding new features and capabilities to Microsoft 365 on a regular basis, and since cybercriminals are evolving their tactics to stay one step ahead of their targets, it’s important for the cybersecurity training to be performed on an ongoing basis by someone who is deeply familiar with the latest threats.
8. Integrate Microsoft 365 With Your SIEM Tool
SIEM is the combination of security information management (SIM) and security event management (SEM) in a single security management system. The purpose of this system is to perform real-time analysis of security alerts to detect and prevent intrusions.
All organizations that use a SIEM tool should integrate it with Microsoft 365 to receive data from its services and applications.
The integration of Microsoft 365 with your SIEM tool can improve your ability to detect anomalous activity while there’s still time to address it.
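Before any SIEM connector can receive Microsoft 365 data, the unified audit log has to be ingesting events, and it helps to know what a first detection over that data looks like. The following is an added example, not part of the article: it confirms ingestion is on, then pulls one week of mailbox-rule changes from the unified audit log and flags the forwarding and deletion rules that typically appear after an account has been phished. It assumes the ExchangeOnlineManagement module and an account holding the Audit Logs role; the seven-day window and the operation list are our own choices.

```powershell
# Added example (not from the article): check audit-log ingestion and run a sample detection
# over mailbox-rule events. Assumes ExchangeOnlineManagement and the Audit Logs role.
Connect-ExchangeOnline

# Prerequisite: with ingestion off, Search-UnifiedAuditLog and every SIEM feed stay empty.
$cfg = Get-AdminAuditLogConfig
if (-not $cfg.UnifiedAuditLogIngestionEnabled) {
    Write-Warning "Unified audit log ingestion is off; enabling it (events begin flowing within hours)."
    Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true
}

# Mailbox rule changes are a common sign of an already-compromised account, so they make a
# sensible first rule to port into the SIEM. Pull the last week as a smoke test of the data.
$events = Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-7) -EndDate (Get-Date) `
    -Operations "New-InboxRule", "Set-InboxRule", "Set-Mailbox" -ResultSize 5000

# Parameter names that forward, redirect or silently delete mail: the usual post-phishing pattern.
$suspicious = "ForwardTo|ForwardAsAttachmentTo|RedirectTo|ForwardingSmtpAddress|DeleteMessage"

foreach ($e in $events) {
    # AuditData is a JSON document; Exchange records carry the cmdlet parameters as Name/Value pairs.
    $data   = $e.AuditData | ConvertFrom-Json
    $params = ($data.Parameters | ForEach-Object { "$($_.Name)=$($_.Value)" }) -join "; "
    if ($params -match $suspicious) {
        [pscustomobject]@{
            Time      = $e.CreationDate
            User      = $e.UserIds
            Operation = $e.Operations
            ClientIP  = $data.ClientIP
            Details   = $params
        }
    }
}

Disconnect-ExchangeOnline -Confirm:$false
```

A SIEM rule built on the same fields (Operation, the rule parameters, and ClientIP compared against the user's usual locations) turns this one-off query into the continuous detection the section describes.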
Summary of Microsoft 365 Cybersecurity Checklist
Organizations that rely on Microsoft 365 can protect themselves with multiple layers of security to keep even the most sophisticated attacks at bay. We at OSIbeyond can help you implement the Microsoft cybersecurity best practices described in this checklist. Schedule a free consultation to get started.