Migration to Microsoft 365: top 3 cybersecurity tips

Migration to Microsoft 365 is a smart move for your business if you want to protect yourself and be ready to grow in future.

But migrating to Microsoft 365 from another platform calls for more than just transferring a bunch of data across.

You will also need to learn how to protect that data. Your old cybersecurity configuration isn’t going to apply any more.

On the plus side, this is a fantastic opportunity to wipe the slate clean. This time, you can make sure your organisation’s cybersecurity doesn’t have any vulnerabilities at all.

To get you started, here are three top cybersecurity tips for your new Microsoft 365 installation:

Top 3 cybersecurity tips for your Microsoft 365 migration

1) Enable email security

Email security is one of the absolute bedrocks of your business cybersecurity in the modern world. This is because email is the number one way that organisations suffer cyberattacks. Almost 19 out of 20 cyberattacks get in via email.

Basic default settings don’t do the job. A properly thought-out configuration is needed. Of course, the danger with custom settings is that – if you aren’t 100% sure what you’re doing – you end up being too loose or too strict.

In the case of the latter, your team may not receive legitimate emails. With the former, your team gets truckloads of spam and your business is even more at risk.

Some of the most important email security steps to take include:

  • Using Defender for Office 365 with Advanced Threat Protection
  • Configuring email security protocols like DKIM and DMARC
  • Putting anti-malware and anti-phishing policies in place

2) Think carefully about your identity security policies

The digital identity of every member of your team includes all of the login credentials they use and all of the things they do online. Often, these credentials get cracked and traded between cybercriminals on the dark web. Sometimes, for shocking sums of money!

This is a problem when around 8 out of 10 of all employees routinely use the same password for multiple accounts, many of which are incredibly easy to break.

The best defence against this in the Microsoft stable of solutions is Entra ID Protection. This handy tool has:

  • User Risk Policies – Entra monitors your team’s usual login practices for a few days and then uses this as a base to check when their behaviour diverges, possibly indicating a security risk.
  • Sign-in Policies – these are the kind of checks for multiple incorrect login attempts by one user that could be the sign of someone trying to break in.

3) Set drive permissions

OneDrive uses different drive permissions than other systems. For people familiar with, for example, Google Drive, it’s important to understand the granularity of control that OneDrive gives you.

OneDrive lets you do all sorts of things that can be beneficial for cybersecurity, including:

  • Block access to accidentally shared files
  • Add an additional password for more security
  • Prevent downloads or set timers for how long until files are deleted

Bonus tip – use all Microsoft 365’s features

Those used to other systems like Google Workspace may not be aware of the full suite of cybersecurity features that Microsoft 365 offers. These include:

  • Mobile Device Management – this keeps all of your organisation’s mobile devices centrally managed so they can be updated, cybersecurity policies enforced across them, and individual devices even blocked remotely in the event of loss.
  • Advanced Threat Protection – we touched on this briefly, but it’s worth reinforcing just how good this tool is as protection from phishing attempts and malware.
  • Multi-Factor Authentication – MFA should be a minimum standard. The Microsoft Authenticator app ensures your team needs to use something more than just a password to log in, massively increasing your cybersecurity.

Get the best from your Microsoft 365 migration

This is far from all of the cybersecurity measures you should be taking after your Microsoft 365 migration. But they’re a good indication of where to start – and of how wide-ranging and effective the protections Microsoft 365 offers really are.

Need to ensure your migration from any provider to Microsoft goes ahead without a hitch?

Dial A Geek are a trusted cyber security company in Bristol, we have already helped over 1000 businesses in Bristol and beyond get the best from their tech with our managed IT services – whether that means migrating to Microsoft or perfecting cybersecurity with their current provider, such as Google.

Reach out to us today to set up a cost and commitment-free consultation with Managing Director Gildas Jones.

ALL ARTICLES