Demystify & Leverage Security in M365
Chidera Idowu, Senior Systems Architect at Trusted Tech Team, is an expert in Security, Compliance, and Identity management within Microsoft 365 (M365) and Azure environments.
In our most recent Video Meetup (VMU), Chidera walked the Spiceworks community through the existing security landscape with respect to Software-As-A-Service (SaaS). He identified 4 primary drivers for digital transformation within the new Microsoft 365 (M365) security ecosystem:
- The ongoing expansion of the remote workforce.
- Dramatic role change of IT managers due to the shift to the cloud.
- SaaS industry adaption to the ecosystem and its impact on security.
- Dynamic changes in industry best practices due to 1-3.
Chidera also discussed the “division of labor” between Microsoft and IT managers with respect to environmental responsibilities and expectations. A ”Shared Responsibility Model” is applied to the M365 and Azure platforms to meet this end:
Microsoft will assume responsibility for some of the more mundane security tasks, leaving you with control over the areas that have the most direct impact on your users, thereby reducing the administrative strain on your organization.
Admin Center & Secure Score
Chidera indicated that Secure Score is the most important tool in the Microsoft 365 Admin Center. He provided a high-level overview of permissions (i.e., Global Administration), security posture and improvements, point values, score interpretation, and gamification. Read more about all the Secure Score features here.
According to our expert, staying abreast of contemporary best practices is pertinent to successfully managing an M365 tenant. Media outlets like Hacker Noon and Threatpost are particularly helpful resources in that regard. In addition, leveraging your user training and MFA (multi-factor authentication) options can be vital to enhancing your security. Learn more about MFA and 2FA (two-factor authentication) options here.
Chidera informed us that Secure Score is FREE and optimizable via service and subscription consolidations. Understanding which features best align with your business needs will determine which licensing “tier” is best for you and your business. To that end, Chidera conducts security reviews, architects licensing solutions, and assesses security, compliance, and identity management variables to implement sustainable improvement strategies.
Off The Beaten Path
Office 365 Recommended Configuration Analyzer (ORCA) is an obscure feature that enables users to run a report, via PowerShell, to output your current Exchange Online Protection, anti-phishing, anti-spoofing, ATP Safe Links and Safe Attachments configuration parameters.
ORCA displays your configuration, then weighs it against Microsoft best practices, to determine your best reconfiguration. Chidera also mentioned that familiarity with Security and Compliance, Threat Protection, and Safe Documents are all conducive to effective M365 administration.
Access your security Roadmap here.
Subscribe to the Trusted Tech Team Blog
Get the latest posts delivered right to your inbox