Microsoft Must-Haves for Your Security Checklist

By Jordan Levush | Nov 15, 2021 | Blog

In our last blog post, we took a closer look at the Top Security Features in Microsoft Azure’s Cloud Platform, and how they help companies like yours strengthen their Information Security frameworks when it comes to backups and restoring data.

User access and privacy are just as important to securing your company’s data. We’ve included some of the top questions asked by insurance companies to gauge your privacy status, AND we’ve delivered specific security solutions from Microsoft that fight to reduce the risk of ransomware and malware attacks. If you can’t confidently answer “yes” to the questions below, then it’s time to contact our team.

Do you require Multi-Factor Authentication (MFA) in order for employees to access email via the web?

Believe it or not, when you access your email via the web instead of through an application, you’re opening yourself up to potential risks like spam mail, phishing attempts, and account hacks. With an application known as Microsoft Authenticator, users can safely sign in to their Microsoft accounts without fear of having their passwords compromised. Authenticator allows users to use their fingerprint, smart device, or special pin to confirm access to their accounts. Best of all, it can be used across all Microsoft accounts—not just your work email!

Is your incoming email filtered for malware and phishing attempts?

Microsoft 365 Defender takes the guess work out of email filtering and protection. The cloud-powered program is known for its anti-malware performance—which monitors all interactions on your devices to confirm if the applications you access are harmful or helpful. If there’s a chance that a threat is detected in your system, Microsoft 365 Defender quickly acts and alerts you of the issue.

Do you regularly conduct end user security awareness training?

Your employees might think they’re just a small piece in the puzzle that is your company’s cyber network, but that couldn’t be further from the truth. What they do online matters because they have access to your company’s data and interact with it each day. While it’s critical that your company informs its employees about potential security risks, utilizing solutions like Microsoft 365 Defender helps prevent them from happening in the first place.

Is MFA required to access backup files?

Microsoft Authenticator comes into play again with the ability to use MFA to access backup files. With this next level of protection, you can ensure your data is in the right hands.

Do you require MFA to login as a domain or network administrator?

Oftentimes, domain administrator accounts and network administrators have access to certain data or network controls that other employees’ accounts do not. Because of this responsibility, it’s important to have MFA in place for that extra layer of security that surpasses just a username and password.

Do you segment or departmentalize sensitive data on a business “need-to-know” basis?

Sensitive data is often segmented on a need-to-know basis, meaning companies consider if an employee needs access to specific data to perform their job responsibilities. If they don’t, they should not have access to that information. With Microsoft 365 Compliance Center, your company will be kept in the loop on data compliance performance—from a company compliance score to navigating compliance features and tracking alerts.

Are all your endpoints protected by a modern Anti-X platform including technologies such as EDR/NGAV products with active support subscriptions?

If you can’t check this box, you might benefit from Microsoft Defender Antivirus. The proof is in the name as this security solution defends against viruses that could be detrimental to your devices and data. Used within Windows, Microsoft Defender Antivirus works 24/7 to protect your on-premises data and in the cloud.

If you allow remote user access to your network, is it secured by a VPN, and do you require MFA?

A VPN (virtual private network) offers significantly more privacy for remote workers, so they don’t access company data using a coffee shop’s WIFI or a home network. Once again, Microsoft Authenticator ensures users have easy access to their applications, but with the added security of MFA.

Do you encrypt all sensitive and confidential information stored on mobile devices and on storage devices, or mediums used in transit to and from your network?

We get it, with the new work-from-home wave, more people are working on the go. But that means more people are accessing important company data from various devices… and in multiple locations. So, you must be protected! With cloud-based Microsoft Intune, your company can rest easy knowing users’ mobile devices and applications are not in harm’s way. The service allows companies to be “in tune” with employees’ device usage—from mobile phones to tablets to laptops—and control what data can be accessed when, where, and by whom when working remotely.

Check In with Your Company’s Cybersecurity with CTI