Acronis Landing Page

Protecting Microsoft 365 environments matters

Most organizations today, both large and small, are moving or have already moved to cloud-based Software-as-a-Service (SaaS) platforms such as Microsoft 365. Like any other software, these cloud-based systems require a certain degree of technical skill to set up correctly and to secure against various threats and risks. Out-of-the-box productivity software is designed to be as easy to use as possible, with as few friction points as possible.

The threat landscape that has been emerging during the past few years has forced some cloud providers to re-evaluate their “default” configurations, however. Case in point, Microsoft has been taking steps to improve the default security posture of tenants in the Microsoft 365 service. For example, legacy authentication (a.k.a. 'Basic auth'), which is susceptible to password spray and other common attacks, is being deprecated later this year.

Microsoft also has started enabling something called 'Security Defaults' for new tenants, which forces users to register for Multi-Factor Authentication

(which can prevent 99% of identity-based attacks). While older tenants also have access to this feature, it would need to be manually switched on.

Even though Security Defaults is a great improvement for the baseline configuration of new Microsoft 365 tenants, there are far more opportunities for managed service providers (MSPs) to manage risk and implement cybersecurity initiatives for their small and mid-sized business (SMB) customers in the cloud. In fact, most customers will probably want to tailor their security policies using the help of talented professionals. And advanced features like Conditional Access are actually quicker and much less expensive to configure in the cloud than most traditional security solutions that would have been deployed on-premises in the past.

Desktop and Peripherals Standard Keyed Locking Kit 2.0

This output should be audited on a regular basis and compared to a known good sample or baseline from the tenant. These items correlate with sub-controls from CSC #16: Account Monitoring and Control, as well as #18: Application Software Security.

Is there more we can do in the category of least privilege? Of course. There is always more we can do, but these items here will be accessible to most managed environments and popular subscriptions such as Microsoft 365 Business Premium. That brings us to our last Zero Trust principle.

For more information contact us today

0800 368 9646 or