Just a moment, logging you in...
Security baselines and best practices for Microsoft 365 customers
Many clients opt to upgrade to Microsoft 365 Premium or Microsoft 365 E5 SKUs with the intention of bolstering their security measures. However, they often find themselves unable to fully utilize the potential of their licenses due to the inherent challenges of activating complex functionalities.
Acquiring the necessary skills, experience, and processes to optimize these services proves to be a daunting task, and maintaining such capabilities over the long term becomes nearly impossible.
Recognizing this predicament, our Microsoft 365 Cyber Protection Pack offering aims to address these concerns by providing clients with the essential skills and ongoing support needed to configure these services effectively. Through our comprehensive package, we strive to significantly enhance clients' overall Microsoft security score, enabling them to make the most out of their investment while fortifying their security posture.
To help you secure and de-risk your business, we created the Microsoft 365 Cyber Performance Pack which addresses:
Email signatures for marketing and compliance • CodeTwo Email Signatures for Microsoft 365 - Create and manage email signatures, legal disclaimers, automatic replies, and marketing campaigns. Stay compliant with GDPR and POPIA • Configure Email Authentication – SPF, DKIM and DMARC are DNS records that mail servers use to validate or prove that your email is coming from a trusted source. Protect your reputation and remove the risk of your email domain being used to launch cyber-attacks. • Outlook Email Encryption branding (Azure AIP P1 or P2 SKU) – Customise your email encryption messages. • Customise other settings for Outlook Email Encryption (Azure AIP P1 or P2 SKU) – (1) Encrypt PDF Attachments, (2) Automatically decrypt journal messages for use in third-party email archives, (3) Prevent automatic decryption of downloaded attachments.
Security best practices for configuring exchange online • Configure the Unified Audit Log – The Unified Audit Log is the primary source of forensic data for any incident Response engagement. • Audit and Block Legacy (basic) authentication – Microsoft will be disabling Legacy authentication. Our team will help you transition to Modern Authentication and identify any mailboxes affected when Legacy Authentication is disabled. • Block sign-in for all shared mailboxes – Bad actors often use these mailboxes. Our team will help identify shared mailboxes and resource mailboxes that should have interactive sign-in disabled. • Configure No Auth SMTP Relay Connectors and Transport Rules for Multi-Function Devices or Applications • Disable auto-forwarding to remote domains - When attackers get a hold of a mailbox, they will often exfiltrate data by setting up mailbox forwarding to an outside email address that they can then monitor without needing constant access to the source mailbox. Our team will help you identify mailboxes with legitimate forwarding requirements before disabling auto-forwarding. • Extend the default audit log age limit to 1 Year (E5 or E5 Compliance SKU) – By default, Microsoft 365 audit logs are set to 30-day retention. We increase this to 1 year (or more if necessary). • Extend the default retain deleted items retention to 30 days - By default, deleted emails, contacts, calendars and tasks are retained in the dumpster for 14-days. We increase this to 30 days. • Upgrade to Microsoft 365 Groups – For years, organisations have relied on distribution groups to communicate and collaborate with groups of people both inside and outside the company. Now, however, Microsoft 365 Groups in Outlook offer a more robust collaboration solution and includes a (1) shared inbox, (2) shared files library, (3) shared calendar, (4) shared OneNote Notebook, and its content is discoverable. • Disable consumer storage locations – Prevent users from working with Drobox, Facebook and (Personal) OneDrive in Outlook Web Access
Configuring Defender for Office 365 with alerting and monitoring integration into Global Micro’s Security Operation Centre (SOC)
• Configure Alert Policies – 40 Security alert notifications are configured to automatically open incident investigations on our help desk. • Cyber Performance Pack Threat policies – A set of tested, secure email security policies for Anti-Phishing, Anti-Spam, Anti-Malware, Safe Attachments and Safe Links.
This service improves a clients Microsoft Security Score significantly.