Advanced Microsoft Security Policies: A Guide for 365 Users

A Microsoft 365 subscription provides users with many tools designed to help businesses protect their data and comply with regulatory requirements. To prevent cyber-attacks and unauthorised access, it is important to use these features and combine them with strong overall security policies and procedures. This will form the basis of your Microsoft security framework.

Understanding Microsoft 365’s Features

Microsoft 365 comes with a variety of built-in security tools and solutions. Understanding these, and how they work, is essential for securing your business.

  • Azure Active Directory (AAD): AAD is the backbone of identity and access management in Microsoft 365, enabling features like multi-factor authentication (MFA) and conditional access.

  • Microsoft Information Protection (MIP): MIP helps you classify, label, and protect data based on its sensitivity.

  • Microsoft Purview Data Loss Prevention (DLP): DLP allows you to set policies specifically for data protection.

  • Microsoft Defender: This tool, previously known as Microsoft Advanced Threat Protector, has been rebranded under the same name as their antivirus software. Defender provides the same security solutions as ATP, as well as those offered by the antivirus program. 

  • Microsoft Compliance Manager (MCM): This tool helps you manage compliance with industry standards and regulations, by providing a comprehensive compliance score and actionable insights.

Implementing MFA

One of the easiest ways to improve security is by implementing MFA. This requires users to provide two or more verification factors to gain access – for example, it may require a code sent to an email address or mobile phone. This significantly reduces the risk of unauthorised access. 

  • Start by enabling MFA for all users within your company. This can be done via the AAD portal, by looking in the directory page under ‘users and groups’.
  • Use conditional access policies to enforce MFA based on roles, location, and device state. For example, you may require MA only when users attempt to access certain data, or when they log in from an unfamiliar location.

Classifying and Labeling Data with MIP

Classifying and labeling data correctly is essential to protect sensitive information. MIP allows you to create and apply sensitivity labels, which can then be used to automatically enforce protection policies.

  • Define sensitivity labels such as Confidential, Internal, and Public. Each label should have associated security actions, like encryption, watermarking, or access restrictions. This can be done in the home tab’s ‘sensitivity’ settings.

     

  • Set up auto-labeling policies to automatically apply sensitivity labels based on the content of documents and emails. This ensures that all data is consistently protected without relying on user action.

Using Data Loss Prevention (DLP) Policies

DLP policies help prevent sensitive information from being shared intentionally or unintentionally. Purview can accomplish this by monitoring and restricting the sharing of data across services like Exchange, SharePoint, and Teams.

  • Use pre-built or custom templates to identify sensitive information types. This may include data like credit card numbers or intellectual property. 

  • Define rules that specify what actions should be taken when sensitive information is detected. Actions can include blocking the content from being shared, notifying the user, or reporting the incident to administrators. 

  • At first, you should set your policies to monitor mode. This will allow you to assess their impact and adjust as necessary.

Defender: Microsoft’s Security Software

Microsoft Defender can be used to detect, prevent, and respond to cyber threats. This lowers the chance of a data breach occurring. There is a vast array of features to explore, but here are some of the basics.

  • Activate features like Safe Attachments, Safe Links, and anti-phishing policies to protect against malicious content and links in emails and documents.

  • Use Defender’s threat analytics (found in the Extended Detection and Response navigation bar) to monitor for suspicious activity and analyse threat patterns. This helps in identifying potential breaches early and responding swiftly.

  • Configure automated responses for incidents. This will ensure that immediate action is taken to contain threats.

Ensuring Compliance with MCM

MCM provides a comprehensive view of your compliance status and offers actionable insights to improve it.

  • Use MCM to assess your current compliance posture against various regulations and standards. Monitor your compliance score (displayed at the top of the screen) to identify areas for improvement.

  • Where possible, automate compliance processes to reduce manual effort and ensure consistent application of policies.

The Role of a Strong Security Policy

Microsoft’s security tools are excellent at protecting your business, but it is important to remember that they should only be one part of a whole. To be effective, these tools must be implemented as part of a wider cyber security policy that protects your business from every angle and creates a security-first culture.

Get Expert Assistance with 365

When using your company Microsoft 365 subscription, it is essential to implement secure practices so that your company data is protected. By leveraging its built-in security features, you can build a comprehensive security framework that will allow your staff to use 365 safely. 


Platform 24 understands the unique challenges of working with Microsoft 365. We offer a variety of specialised solutions designed to help you use it efficiently and increase your security. Explore our Microsoft 365 services today to learn more.

1300 602 480