In our previous article, we covered how Microsoft 365 protects users through multi-factor authentication, controlling access to company files via mobile devices, and handling cyber-attack threats. In this article, we will look at preventing loss of sensitive data, identity protection, and privileged identity management.
4. Encryption and Data Loss Protection (DLP)
This protection facility is not part of the basic Microsoft 365 platform but is an easy add-on. When email data is encrypted, no outside or other unauthorised user will be able to open the file; it is that simple. Many organisations use sensitive data, whether it is credit cards, social security numbers, medical details, or anything the company, customers, and users want to be kept private.
Company data may be transmitted in many forms besides email. Spreadsheets, for example, hold a lot of sensitive data. DLP constantly monitors data use and prevents any attempt, intentional or accidental, to transmit sensitive data to any unauthorised recipient.
DLP policies come with standard protocols, but any organisation can customise its DLP system to meet specific needs. This means that data location, data type, the context in which the data is used, permissible actions, etc., may be included in the loss prevention system.
5. Azure Identity Protection (AIP)
AIP catches, and can prevent, cyber attacks by hackers. It uses machine learning to understand how a company typically uses, transmits, and stores its data. By learning and keeping up to date, it can detect and flag unusual activity. A common example is when a user logs in from a different location or at a different time than usual. It will also flag that, say, two login attempts have been made, first from a usual location and then from an unusual one, in a short space of time. An authorised user is rarely in two places at once. If AIP detects this sort of activity, it can either block the second attempt or demand, say, multi-factor authentication of the sort we looked at in Part 1. AIP comes in “lightweight” versions and advanced versions, as well as add-on versions for mobile devices.
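The "two places at once" check described above can be sketched as follows. This is an added example, not Microsoft's implementation or code from this article, and it uses a fixed rule rather than machine learning. The 900 km/h ceiling, the record layout and the sample sign-ins are assumptions constructed for illustration.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

MAX_KMH = 900.0  # assumed ceiling: roughly airliner cruising speed

# Constructed sample sign-ins: (user, ISO timestamp UTC, city, lat, lon)
SIGNINS = [
    ("alice", "2024-03-04T08:55:00", "London", 51.5074, -0.1278),
    ("alice", "2024-03-04T09:20:00", "Singapore", 1.3521, 103.8198),
    ("bob",   "2024-03-04T09:00:00", "London", 51.5074, -0.1278),
    ("bob",   "2024-03-04T12:30:00", "Paris", 48.8566, 2.3522),
    ("alice", "2024-03-05T08:50:00", "London", 51.5074, -0.1278),
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points, in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dp, dl = p2 - p1, radians(lon2 - lon1)
    a = sin(dp / 2) ** 2 + cos(p1) * cos(p2) * sin(dl / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def find_impossible_travel(signins, max_kmh=MAX_KMH):
    """Return (user, from_city, to_city, km/h) for each consecutive pair of
    sign-ins by one user that implies travel faster than max_kmh."""
    flagged, last_seen = [], {}
    # ISO timestamps sort chronologically as strings, so sort by (user, time).
    for user, ts, city, lat, lon in sorted(signins, key=lambda s: (s[0], s[1])):
        when = datetime.fromisoformat(ts)
        prev = last_seen.get(user)
        if prev:
            p_when, p_city, p_lat, p_lon = prev
            km = haversine_km(p_lat, p_lon, lat, lon)
            hours = (when - p_when).total_seconds() / 3600
            # Same-instant sign-ins from different places count as infinite speed.
            speed = km / hours if hours > 0 else (float("inf") if km > 0 else 0.0)
            if speed > max_kmh:
                flagged.append((user, p_city, city, speed))
        last_seen[user] = (when, city, lat, lon)
    return flagged

if __name__ == "__main__":
    for user, src, dst, kmh in find_impossible_travel(SIGNINS):
        print(f"{user}: {src} -> {dst} implies {kmh:.0f} km/h: block or require MFA")
```

Only the London-to-Singapore pair 25 minutes apart is flagged; the return to London a day later and the London-to-Paris trip both fall under the ceiling.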
6. Privileged Identity Management (PIM)
PIM focuses on admin privileges. Most users do not need, and should not have, the authority of a systems administrator. Any hacker who breaches this privilege level can do untold harm. Occasionally a non-admin level user may need admin authority for a particular area or for a short period of time.
In these cases, ordinary users may be granted limited time or limited area access as and when needed. Companies can customise both access and time, so the information they need can only be accessed after the temporary privilege has been activated. PIM is also an add-on for Microsoft 365 users.
A Final Thought
Microsoft 365 offers a feature where companies can run a security assessment and find their “basic” security rating. It then lists the actions that may be worth considering to improve security. The list is useful but generic.