Lock Your Digital Doors

Imagine you are sitting at your computer, browsing the web or checking your email. Suddenly, you notice something strange: a pop-up window that says your files have been encrypted and you need to pay a ransom to get them back. Or maybe your screen goes black and a message appears that says your system has been hacked and you need to contact a certain number for help. Maybe you get an unexpected email that your bank account has been drained or your identity has been stolen and you need to click a link to start the recovery process. These are some common scenarios that can happen in a cyber-attack, a malicious attempt to damage, disrupt or gain unauthorized access to a computer system or network.

For businesses, we all understand that it is necessary to protect our systems and employees from experiencing a cyber-attack but where do you start? For Microsoft 365 customers, this is the question Security Defaults were developed to take on. Reportedly, Microsoft's security teams see a drop of 80% in compromise rate when security defaults are enabled. In this article, we will examine what Microsoft 365 Security Defaults are, why they are important for businesses, and how you can implement them as soon as today!

Overview of Microsoft 365 Security Defaults

Microsoft 365 Security Defaults are a set of pre-configured security settings that are designed to provide a baseline level of protection for businesses. These settings are enabled by default for all new Microsoft 365 tenants and are specifically designed to protect against common cybersecurity threats. Some of these settings include multi-factor authentication, which requires users to provide additional verification when logging in, and blocking legacy authentication protocols, which are known to be less secure than modern protocols.

One of the key benefits of Microsoft 365 Security Defaults is that they are easy to set up and require minimal configuration. This means that even businesses with limited IT resources can take advantage of these security settings and protect their digital assets from cyber threats.

It is important to note that Microsoft 365 Security Defaults are not a comprehensive cybersecurity solution. They provide a baseline level of protection, but additional security measures may be necessary depending on the specific needs of your business.

How Microsoft 365 Security Defaults Can Protect Your Business

Microsoft 365 Security Defaults provide a baseline level of protection against common cyber threats. Some of the ways in which these security settings can help protect your business include:

• Multi-factor authentication: This provides an additional layer of security by requiring users to provide additional verification when logging in.
• Blocking legacy authentication protocols: This helps prevent cyber criminals from exploiting known vulnerabilities in older authentication protocols.
• Enabling modern authentication protocols: This provides a more secure way for users to authenticate when accessing Microsoft 365 services.
• Enabling password policies: This helps ensure that users create strong passwords that are less vulnerable to brute force attacks.
• Enabling auditing and reporting: This allows businesses to monitor access to their digital assets and detect potential security breaches.

By enabling these security settings, businesses can help protect against common cyber threats and minimize the risk of a devastating cyber-attack.

Setting Up Microsoft 365 Security Defaults

Setting up Microsoft 365 Security Defaults is a straightforward process that can be completed in just a few steps. To enable these security settings:

• Open a Web Browser and navigate to https://portal.azure.com
• From the Azure Admin portal homepage, select Properties from the left menu options.
• On the Properties page, as pictured above, the link to enable Security Defaults appears at the bottom. Click the link to reveal your options.
• Set the Security Defaults drop-down to Enabled and click save at the bottom.

Once enabled, these security settings will be applied to all users in your Microsoft 365 tenant by default.

It is important to note that Microsoft 365 Security Defaults may not be suitable for all businesses. If your business has specific security requirements, you may need to configure additional security settings to ensure that your digital assets are adequately protected. You are not able to use Security Defaults if your company uses:

• Conditional Access Policies - Allows Administrators to enable security policies and define what users the policy should apply to for enhanced granularity.
• Classic Policies - These are policies that were configured in older Azure or Intune Admin portals. If your organization is using classic policies, you should consider moving to Conditional Access Policies.

Additionally, there are some things to consider before enabling Security Defaults such as:

• Authentication Methods - What method of authentication will your organization handle multi-factor authentication? (Authenticator App vs SMS vs Voice Call vs Hardware Token, etc.)
• Guest Users - If you have any external users in your Microsoft Tenant, they will also have to use multi-factor authentication to access your Microsoft 365 data.
• Legacy Authentication - Do you use any older applications like Office 2010 or older? Enabling Security Defaults will disable legacy authentication preventing users from logging in to applications like Outlook to check their email.
• Less Secure Authentication - Do you use any applications that only use username and password to authenticate into Microsoft 365. A common scenario is multi-function printers that leverage Exchange Online SMTP for Scan-to-Email functions.  These scenarios may have to use more modern authentication methods like App Passwords.

Additional Steps to Enhance Your Business's Cybersecurity

While Microsoft 365 Security Defaults provide a baseline level of protection, there are additional steps that businesses can take to enhance their cybersecurity. Some of these steps include:

• Implementing a comprehensive cybersecurity policy that outlines best practices for protecting sensitive data.
• Providing regular cybersecurity training to employees to help them identify and avoid common cyber threats.
• Implementing additional security measures, such as firewalls, endpoint detection and response software, and intrusion detection systems.
• Conducting regular security audits to identify potential vulnerabilities and address them before they can be exploited by cyber criminals.

By taking these additional steps, businesses can further enhance their cybersecurity and minimize the risk of a devastating cyber-attack.

Benefits of Using Microsoft 365 Security Defaults

There are many benefits to using Microsoft 365 Security Defaults to protect your business's digital assets. Some of these benefits include:

• Easy to set up: Microsoft 365 Security Defaults are pre-configured security settings that require minimal configuration.
• Cost-effective: Microsoft 365 Security Defaults are included with most Microsoft 365 subscriptions, making them a cost-effective way to enhance your business's cybersecurity.
• Provides a baseline level of protection: Microsoft 365 Security Defaults provide a baseline level of protection against common cyber threats.
• Minimizes the risk of a devastating cyber attack: By implementing robust security measures, such as Microsoft 365 Security Defaults, businesses can help minimize the risk of a devastating cyber-attack.

Closing Thoughts

The digital age of today makes cybersecurity more important than ever. Business owners need to take steps to protect their digital assets from common cyber threats, such as phishing attacks, ransomware attacks, and malware attacks.

One of the best, and simplest, ways to begin to protect your business is by using Microsoft 365 Security Defaults. Microsoft 365 Security Defaults are a valuable tool for businesses that want to protect their systems and data from common cyber-attacks. They are easy to implement and provide a baseline level of security that can be enhanced with additional features and settings. By enabling Security Defaults, businesses can benefit from Microsoft's expertise and experience in cybersecurity and reduce the risk of losing their files, money or reputation to hackers. Therefore, we recommend that all Microsoft 365 customers enable Security Defaults as soon as possible and enjoy a more secure and productive online experience.