Office 365 – do you make the most of all the functionality and features? Here is our top tips guide.
Making the most of the features
You’d be amazed how few people actually make the most of all their current IT and telephony features. Here, CSR’s very own IT whizz, Vince Willoughby has this top tip-crammed guide to help you make the most of all the functionality you’ve most likely already invested in and paid for.
In this first ‘Digital Dilemmas and Solutions’ blog, Vince focuses on Office 365.
In my opinion Office 365 needs to give their customers a bit more love. I don’t think I’ve come across a single customer who has got the basics of Office 365 implemented or done.
When I say basics, I am talking about vital things like email security, SharePoint, Multi Factor Authentication and something known as Microsoft Purview.
So, what should we be embracing when it comes to Office 365?
Firstly, we must discuss email security
It’s essential you make sure the messages you receive are genuine and that your emails are protected. For the best level of email protection for your Business domain, you need to configure SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) is an email authentication method that uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain. This protects your customers against spoofing (Impersonation attacks).
DMARC (Domain-based Message Authentication, Reporting and Conformance). Both prevent spoofed senders that are used in business email compromise (BEC), ransomware, and other phishing attacks. To enable DMARC,SFP and DKIM needs configuring which helps validate mail sent from your Microsoft 365 organisation.
This can be checked via the Office365 Admin Panel, to configure the settings CSR Digital would need access to the DNS records of the domain. For example Fasthosts.co.uk or NameCheap.com. Updating the records will be between 15-30 minutes to complete.
You’ll likely have come across MFA (multi factor authentication). People tell us they find this irritating, but the benefits far outweigh any irritation you may feel. Traditionally authentication has been done with a username and a password. But usernames are often easy to discover (sometimes they’re just your email address) and too often people pick simple passwords or use the same password at many different sites.
That’s why almost all online services – banks, social media, shopping and Microsoft 365 – have added a way for your accounts to be more secure.
You may hear it called “Two-Step Verification” or “Multi-factor Authentication”. They work the same way. When you sign into your account for the first time on a new device or app (like a web browser) you need more than just the username and password. You need a second verification method to prove who you are.
Alternatives to MFA can be Conditional Access and Yubikeys, which add additional requirements such as location, time, and a physical security key plugged in before a user can login.
Now let’s talk about OneDrive and Sharepoint
People love OneDrive but don’t neglect SharePoint. SharePoint is part of your Office 365 subscription and is available for the whole team to use. People are using OneDrive to share things with their team but it’s clunky, don’t do it.
Set up a SharePoint and add the necessary permissions. It will be time well spent. SharePoint is better for collaboration, and you can embed it into Teams which means you can access your files inside your Team chats. Genius!
Do you know what Microsoft Purview is all about?
Microsoft Purview is a compliance portal, your platform for accessing all the risk and compliance solutions. When you go to it for the first time you’ll see the below welcome message. This banners gives you a few useful pointers on what to do next.
When you first visit the compliance portal, the card section on the home page shows you at a glance how your organisation is doing with data compliance, what solutions are available for your organisation, and a summary of any active alerts.
It calculates a risk-based score measuring your progress toward completing recommended actions to reduce risks around data protection and regulatory standards.
A Managed Service Provider would spend considerable time ensuring that your security and compliance score is as high as possible for your license types.