Microsoft Teams’ constant updates make it one of the most functional tools on the market. But they also help you keep up with O365 security and governance. We take a step-by-step look at the best practices to guide you on your O365 journey.
The Modern Workplace continually evolves and adds new features and functionality that allow us to work better together. That’s great, but how do we make sure our content stays secure through all this evolution?
Charting our course through O365 Security and Compliance requires constant adaptation, which we best accomplish in small, well-ordered steps. We know we must get there, but where do we start?
First Things First
Like most journeys, it’s best to take the path of O365 Security and Compliance in groups of manageable, but meaningful steps. The road may seem long and winding, but when we take smartly grouped small steps, we can adjust quickly and still move forward.
We can group the steps for our recommended Roadmap like this:
- The First 30 Days – we hit the clearly marked trail and start down the right path.
- 90 Days – we start to take side trips and detours, enhancing our protection and gaining confidence in our abilities.
- Beyond – we map as we go, planning for the next turn, the next hill, and the next forest.
Great, Now What? The First 30 Days
The first 30 days are the most critical, as our efforts lay the foundation for the path ahead. Our goals for the first 30 days should be simple, and they are very attainable:
- Establish our Stakeholders and Champions
- Evaluate our existing environment
- Begin basic protection
We meet these goals by addressing them head-on, directly and simply:
- First and foremost, establish the Stakeholders and Champions of our cause! They will come from across the enterprise, but all should have a vested interest in protecting our content.
- Evaluate our existing environment by checking our Secure Score (make sure to write this down as it will be a starting point to help us mark our progress).
- Microsoft provides several valuable tools to begin basic protection:
  - Start with O365 Audit Logging. It logs user activity within our Tenant for 90 days.
  - Next, turn on Microsoft Cloud App Security. By default, its policies will start us down the right path of security and threat detection.
  - Administrative accounts? Let’s get those secured quickly:
    - Turn on Multi-Factor Authentication (MFA) for admin accounts.
    - Make sure to use Windows 10 for administration tasks—it’s secure!
  - Then, enable Azure Information Protection:
    - Enhance our security by acting on vulnerabilities.
    - Protect our users with Conditional Access policies.
    - Take advantage of Microsoft Machine Learning algorithms to protect data and detect risks.
Now that you’ve completed your first 30 days, check that Secure Score again! You may be seeing improvement already!
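A read-only way to capture the 30-day baseline described above (Secure Score, audit logging state, admin accounts without MFA registered), added here as an example and not part of the original article. It assumes the ExchangeOnlineManagement and Microsoft.Graph PowerShell modules, an account allowed to read security and audit reports, and a tenant licensed for the Azure AD registration report; the parameter names and output file name are illustrative.

```powershell
# Added example: snapshot the baseline so progress can be measured later.
# Read-only: nothing in the tenant is changed.
param(
    [string]$OutFile  = ".\o365-baseline-$(Get-Date -Format yyyyMMdd).json",  # illustrative name
    [string]$Previous                                                          # optional earlier snapshot
)

Connect-ExchangeOnline
Connect-MgGraph -Scopes 'SecurityEvents.Read.All', 'AuditLog.Read.All'

# 1. Current Secure Score (the most recent record is returned first).
$score = Get-MgSecuritySecureScore -Top 1

# 2. Unified audit logging state. Query this from Exchange Online PowerShell;
#    the same cmdlet run in a Security & Compliance session always shows False.
$audit = Get-AdminAuditLogConfig

# 3. Accounts holding an admin role, and which of them have no MFA method registered.
$admins = @(Get-MgReportAuthenticationMethodUserRegistrationDetail -Filter 'isAdmin eq true' -All)
$noMfa  = @($admins | Where-Object { -not $_.IsMfaRegistered })

$baseline = [pscustomobject]@{
    TakenUtc            = (Get-Date).ToUniversalTime().ToString('s')
    SecureScore         = $score.CurrentScore
    SecureScoreMax      = $score.MaxScore
    UnifiedAuditEnabled = $audit.UnifiedAuditLogIngestionEnabled
    AdminCount          = $admins.Count
    AdminsWithoutMfa    = @($noMfa.UserPrincipalName)
}
$baseline | ConvertTo-Json | Set-Content -Path $OutFile -Encoding UTF8
$baseline | Format-List

if (-not $baseline.UnifiedAuditEnabled) {
    Write-Warning 'Unified audit logging is off: user activity is not being recorded.'
}
if ($noMfa.Count -gt 0) {
    Write-Warning "$($noMfa.Count) admin account(s) have no MFA method registered."
}

# Compare with an earlier snapshot, for example the one taken on day one.
if ($Previous -and (Test-Path $Previous)) {
    $old = Get-Content $Previous -Raw | ConvertFrom-Json
    'Secure Score: {0:N1} -> {1:N1} (max {2:N1})' -f `
        $old.SecureScore, $baseline.SecureScore, $baseline.SecureScoreMax
}
```

Run it once at the start and again after 30 days with `-Previous` pointing at the first file to see the change in score alongside the admin MFA gap.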
Where Does it Take Me?
Once we have established the basics and started down the right path to even more Secure Score improvement, it’s time to dig into some of the finer details that give us even more protection. Now, on to 90 Days!
After our 30-day tasks have settled, we move into a longer period of refinement. These tasks are a little more involved, but they ultimately reward us with a safer security posture:
- Keep up to date with those software updates. This step allows Microsoft’s ongoing work to keep working for you.
- Review the Secure Score to make sure you address the recommended actions.
- Venture into compliance with the Compliance Manager. This tool will help align our efforts to any policies that may apply.
- Use the Attack Simulator to plan and carry out simulated attacks. This tool will help uncover areas of vulnerability that we may have missed.
- Those admin accounts? Let’s secure them even more!
  - Configure Azure AD Privileged Identity Management.
  - Create and configure a Privileged Access Workstation for admin tasks.
- Turn on MFA for all users. MFA further enhances the security posture across your user base.
- Configure information protection policies. These policies further enhance security across your content:
  - Secure SharePoint Online to allow for three levels of protection: baseline, sensitive, and confidential.
Beyond – What’s next?
It’s imperative to monitor and act upon your Secure Score, dashboards, reports, software updates, and the O365 Roadmap to make sure our work is still effective.
Additionally, continue refining the policies we put in place earlier. This practice will tailor the tools to your needs.
Looking over the horizon, plan for Azure Sentinel. Perhaps that will be our next journey.