Cyber attacks are on the rise, and if your business uses an external IT provider, they might have mentioned some of the best practices that Microsoft now recommends all companies adopt as part of the Microsoft 365 service.
In this article, we’ll cover some security features you might already be using, as well as lesser-known features that can significantly reduce the risk of a cyber attack or data breach in your business.
Passwordless Logins
This feature came to Microsoft accounts in January 2024. It’s also known as multi-factor authentication and passkey. While you might already be using it, you can now remove the need for a password associated with your Microsoft account.
Instead, you can use an app like Microsoft Authenticator on your mobile device or a biometric sign-in with your face or fingerprint.
Why is this a good thing? If your password is leaked from another online service, you don’t have to worry about changing it since no password is used.
Conditional Access
Part of Microsoft 365’s Azure infrastructure is the ability to enforce IT-related policies for users in your company. One of the most popular policies is geofencing, which restricts where users can log into the business’s Microsoft 365 services.
Why is this a good thing? The majority of cyber attacks come from abroad, with threat actors attempting to log into user accounts from overseas. With the right conditional access policies in place, it reduces the risk of someone gaining access to your IT systems.
Remember to speak to your IT provider to establish a process for when staff might be traveling for company purposes and to clarify your IT policy on accessing company systems during vacation time.
Azure Intune Compliance
Another policy-related security feature is allowing only compliant devices to connect to your business IT systems.
Currently, your Microsoft 365 services and apps can probably be accessed on any system via a web browser, which can be useful if you work from home and are not supplied with a company laptop. However, businesses are moving to lock down access to company devices only. This stricter policy reduces the risk of someone obtaining your login details and gaining access to your account, as they would need to be on a compliant company device.
And if you’re concerned about personal mobile phones, Microsoft offers an option through the Microsoft Company Portal to securely wrap business data on personal mobile devices.
If you’d like more information about how we can help enable these new security features in your business IT, get in touch with us today.
