
Navigating security pain points in Microsoft 365 environments

Ewelina Obrzut

Ewelina Obrzut, Global Head of MSP at Portfolio BI, emphasises the criticality of adept security management in Microsoft 365 by highlighting two predominant areas of concern frequently encountered:

· Conditional Access Policies, and

· Mobile Device Management (MDM) / Mobile Application Management (MAM).

 

Conditional Access Policies  

Conditional Access Policies are essential for regulating user and device access within Microsoft 365. These policies ensure that applications and data are accessed under specific conditions, thereby bolstering security. Commonly implemented policies include requirements such as Multi-Factor Authentication (MFA), compliant devices, and trusted location access.

These policies are highly customisable, offering control across various dimensions such as client applications (browsers, mobile, and desktop clients), device platforms (including Android, iOS, macOS, and Windows), and sign-in and user risk levels.

Despite their importance, some firms neglect the implementation of Conditional Access policies or deploy them inefficiently, leading to either increased security risks or overly complex systems that are challenging to manage and prone to human error. A well-strategised approach to Conditional Access can significantly mitigate these risks, ensuring security while maintaining ease of use.
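
As an added illustration (not code from Portfolio BI or the original post), the sketch below audits a constructed export of Conditional Access policies for the gaps described above: policies that are not enforced, heavy use of exclusions, and no enforced all-user policy requiring MFA or a compliant device. Field names follow the Microsoft Graph `conditionalAccessPolicy` resource; the sample policies, the `audit` function and the exclusion threshold are assumptions made for the example.

```python
import json

# Constructed sample, shaped like Microsoft Graph conditionalAccessPolicy objects.
SAMPLE_EXPORT = json.loads("""
[
  {"displayName": "Require MFA for all users", "state": "enabled",
   "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": ["u1", "u2", "u3"]},
                  "applications": {"includeApplications": ["All"]}},
   "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
  {"displayName": "Require compliant device", "state": "enabledForReportingButNotEnforced",
   "conditions": {"users": {"includeUsers": ["All"]},
                  "applications": {"includeApplications": ["Office365"]}},
   "grantControls": {"operator": "OR", "builtInControls": ["compliantDevice"]}},
  {"displayName": "Block untrusted locations", "state": "disabled",
   "conditions": {"users": {"includeUsers": ["All"]},
                  "applications": {"includeApplications": ["All"]},
                  "locations": {"includeLocations": ["All"], "excludeLocations": ["AllTrusted"]}},
   "grantControls": {"operator": "OR", "builtInControls": ["block"]}}
]
""")

MAX_EXCLUSIONS = 2  # assumed review threshold, not a Microsoft recommendation


def audit(policies):
    """Return (policy name or '*', finding) tuples for a list of policy dicts."""
    findings = []
    enforced_controls = set()  # controls required by enforced, all-user policies
    for p in policies:
        name = p.get("displayName", "<unnamed>")
        state = p.get("state")
        users = p.get("conditions", {}).get("users", {})
        controls = (p.get("grantControls") or {}).get("builtInControls", [])
        if state != "enabled":  # disabled and report-only policies protect nothing
            findings.append((name, f"not enforced (state={state})"))
        elif "All" in users.get("includeUsers", []):
            enforced_controls.update(controls)
        if len(users.get("excludeUsers", [])) > MAX_EXCLUSIONS:
            findings.append((name, "many excluded users; review exceptions"))
    for control in ("mfa", "compliantDevice"):
        if control not in enforced_controls:
            findings.append(("*", f"no enforced all-user policy requires {control}"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE_EXPORT):
        print(f"{name}: {finding}")
```
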

 

Mobile Device and Application Management (MDM/MAM) 

MDM and MAM offer two distinct strategies for securing the Microsoft environment. MDM is typically employed for company-owned devices, allowing comprehensive control over device configuration and data. It enables administrators to enforce policies, including device-level settings like Wi-Fi and VPN configurations, and to perform a remote wipe of the entire device if necessary.

MAM, on the other hand, is suited for personally owned devices. It focuses on managing and securing data within specific business applications. MAM policies can prevent data from being transferred out of these managed applications and allow for a selective wipe of these applications, while ensuring personal data on the device remains unaffected.

 

Gaps in deploying these strategies, either through non-utilisation or incorrect configuration, can expose firms to cyberthreats.

Our Microsoft 365 security review critically evaluates how these tools are utilised and identifies opportunities for improvement.

 

Request a Microsoft 365 Security Review

The widespread adoption of Microsoft 365 and its cloud-based tools has undoubtedly revolutionised the workplace, offering flexibility and efficiency. Nevertheless, the security integrity of a Microsoft 365 environment is only as robust as its weakest component. Even with all security defaults activated, overlooked aspects like inadequate Conditional Access policies or a single compromised device can leave an organisation vulnerable.

Portfolio BI’s complimentary Microsoft 365 security review presents an invaluable opportunity for businesses to comprehensively assess their risk posture. This initiative not only identifies vulnerabilities but also provides tailored recommendations to fortify and refine your security strategies, ensuring a more secure and resilient cloud environment.

If you would like to learn more about our Microsoft 365 environment security review, contact Ewelina (ewelina.obrzut@portfoliobi.com) or reach out to the team.

 

