Microsoft 365: Six Important Security Features You Should Know (Part 1)


Lack of security, being hacked, illegal access, losing data or having data compromised are common fears in many businesses. Microsoft 365 has a number of built-in security features to protect all users. Many people worry that the cloud is less safe than a totally in-house system. Let’s do a quick check to see just what Microsoft 365 does to protect your business, your data and your staff.

1. Multi-Factor Authentication (MFA)

Most users log in with their password. What happens if someone steals the password? This is where MFA kicks in. MFA requires more than one “proof of identity” before a user gains access. The password is just one of them. Another is to have a passcode sent to the user’s phone. That passcode has to be keyed in as well as the user’s password. so, if an unauthorised person gets the password, they must also have immediate access to that user’s phone.  That is a possibility so Microsoft 365 can introduce a third level of security; a biometric test. This may be a retina scan or a fingerprint.

That is why it is called multi-factor authentication. To gain access to your company’s data, the user must use something they know, their password, something they have, their phone, and something they are, their fingerprint or retina.

This MFA facility comes with options, the basic, built-in version, or more sophisticated versions, depending on how specific your compliance needs are.

2. Mobile Device Management (MDM)

Most staff work remotely at some point. They need access to the company’s data via a tablet or smartphone. These devices get lost, left on buses and trains, and can be stolen, so it is essential that Microsoft 365 offers a level of protection for mobile devices.

Mobile devices are recognised as authorised or not so not all devices will be allowed access even if a user knows a valid password. Assuming the device is authorised, how much access it has can be limited. Personal cellphones, for example, may only be able to access that user’s email or particular documents. To add another level of security, Microsoft Intune is an upgraded MDM that controls how data is used. You can, for example, restrict data being copied from a managed app to an app that is not being managed.

3. Advanced Threat Protection (ATP)

Advanced threats such as ransomware are a huge and growing problem. Microsoft 365’s ATP can prevent malicious links and email attachments from even being accessed by users. Not every systems user is immune to clicking an apparently safe link or opening an email attachment that looks in every way to be work-related. ATP is the barrier in place.

This protection monitors operations and, before a user even sees the link or the email, the ATP opens it in a secure, non-user environment, then checks it for safety, and then releases it to the user.

If you would like to learn more about how technology can keep your data and users safe, then contact us by clicking the link. In Part 2 of this series, we will discuss encrypted mail plus data loss prevention, and identity management and protection.

Related Posts