Office 365: Ensuring Business Security

Office 365: Ensuring Business Security

Without a doubt, productivity is essential for every business organisation. That’s the exact reason why developers relentlessly improve the productivity solutions they offer for businesses. But because of the frequent occurrence of security breaches these days, applications and programs that boost productivity is no longer enough for business owners—these solutions have to ensure data security as well. With Microsoft Office 365, you’ll be able to get the productivity solution your company needs and reap the benefits of cloud computing while you ensure your business’ security.

How to Maximise Office 365 to Keep Your Business Data Secure

There are a lot of reasons why businesses prefer the data protection that Office 365 offers. But one thing’s for sure, it has proven its reliability across business organisations over the years. Once you learn how to maximise its capabilities, you’ll be able to enjoy its benefits at an optimal level as well.

Before anything else, it is fundamental that you check your Office 365 Secure Score first. By doing this, you will be able to determine the level of your Office 365 security based on your regular Office 365 activities and security settings.

Follow this guide below if you want to improve your Office 365 security score:

  • Make Use of Multi-Factor Authentication

One of the most effective ways to boost the security of an organisation’s Office 365 solution is the utilisation of its multi-factor authentication or 2-step verification feature. Once you enable this feature, Office 365 will send a verification code to the phone number you registered for your account. This code will be required by the program before you can access your account. With that in mind, hackers will no longer be able to take over your account even when you lose your password by accident.


Here’s a step-by-step guide you can follow if you want to set up your Office 365 multi-factor authentication feature:

Step 1: Open your Microsoft Office 365 admin centre.

Step 2: In the search bar, search for the word “multi” and select the Azure multi-factor authentication settings.

Step 3: Click on the Manage multi-factor authentication option.

Step 4 Once you do this, select Enable.

If this is your first time enabling this feature, it is recommended by experts that you try it out on a couple of users first. By doing this, you’ll be able to give your business the time to adjust to this new setting. Once you get a hang of it, you can extend the implementation of this feature to all users.

  • Train Your Users on How to Maximise Office 365

The more users know about cybersecurity threats, the more cautious they become. That’s why it’s necessary for business owners to establish a culture of security awareness within their business organisation. It is their responsibility to train their employees on how to make the most of Office 365 without compromising their business security. 

To serve as a guide, here are some of the topics you should cover during  security training:

  1. The utilisation of strong passwords.
  2. Protecting devices to fend off cybersecurity threats.
  3. Guide on how to enable security features on Windows and Mac devices.
  • Disable Email Auto-Forwarding

In several cases worldwide, security breaches begin with the enablement of Office 365 email auto-forwarding without the knowledge of the users. That’s why it’s important for organisations to ensure that this feature is disabled at all times and a mail flow rule is established. Once you do this, you will be able to deter hackers from accessing your Office 365 account.

Here’s a guide on how to disable this feature:

Step 1: In your Office 365 admin centre, select Admin Centres then Exchange.

Step 2: Click the Rules option in the mail flow category.

Step 3: Click + and then select Create a new rule.

Step 4: Once you’re done doing this, click the More Options you see at the bottom of the dialogue box to see the full set of options available.

Step 5: Apply the Warn users before opening attachments of Office files setting.

Step 6: Click Save.

  • Make Use of Office Message Encryption

If you’re an Office 365 user, you’ll be able to see that Office 365 Outlook comes with an Office Message Encryption feature. Whenever this is enabled, businesses gain the capacity to send and receive encrypted emails to people inside and outside their organisation. Furthermore, it gives business owners the peace of mind that their email can only be viewed by the intended recipients.

There are two protection options Office Message Encryption provides to its users when sending mail: Do not forward and encrypt. You can also configure your email to apply labels like “Confidential” give your recipients a heads up on the content you’re sending.

  • Use ATP Safe Links to Safeguard Your Business from Phishing Attacks

Most often than not, hackers hide malicious websites in email links or files to exploit their victims. That’s why it’s recommended by IT professionals that you make use of Office 365 ATP Safe links. This feature is a part of the Office 365 Advanced Threat Protection. With its help, users are able to experience a time-of-click verification pop up every time you click a web address in your Office 365 emails and documents. With that said, the utilisation of this feature is undeniably an effective way to protect your business from phishing attacks.

The protection that you experience with ATP Safe Links is defined through its policies. In order to make the most of it, it is suggested that you do the following:

  • Increase your Office 365’s protection by modifying the default policy.
  • Add a new policy that will benefit all the recipients in your current domain.

In order to get to ATP Safe Links, here’s a step-by-step guide you can follow:

Step 1: Use your admin account to sign in at

Step 2: Go to the Office 365 Security & Compliance Center and then click Policy under the Threat management option you can find in the left navigation pane.

Step 3: Once it takes you to the Policy Page, choose ATP Safe Links.

Now that you know how to find it, it’s time for you to learn how to modify the default policy. Here’s how you do this:

Step 1: Open the Safe links page.

Step 2: Look for the Policies that apply to the entire organisation section and select the Default policy.

Step 3: Click Office 365 ProPlus, Office for iOS and Android under the Settings that apply to content except for email.

Step 4: Click Save.

Furthermore, this is how you create a new policy that’s targeted to all the recipients in your domain:

Step 1: While you’re on the Safe links page, click + under Policies that apply to the entire organisation to generate a new policy.

Step 2: Apply the Safe links policy for all recipients in the domain setting.

Step 3: Click on Save.

  • Avoid Malware Attacks Through ATP Safe Attachment Protection

In the business world, it’s a common scenario for people to send, receive, and share attachments. As mentioned earlier, hackers can use email attachments and files to trigger a cybersecurity threat. That’s why it’s important to enable the ATP Safe Attachment protection that comes with the Office 365 Advanced Threat Protection. This protection is disabled by default. Hence, it’s necessary to create a new rule if you want to enjoy the benefits of this feature. Once you enable this, you will be able to safeguard your files in SharePoint, Microsoft Teams, and OneDrive.

Here’s a guide that you can make use of to create an ATP safe attachment policy:

Step 1: Use your admin account to sign in at

Step 2: In the left navigation pane of the Office 365 Security & Compliance Center, click Policy under the Threat management section.

Step 3: This will redirect you to the Policy page. Once you’re there, select the ATP safe attachments.

Step 4: Once you get to the Safe attachments page, select tick the ATP for SharePoint, Microsoft Teams, OneDrive checkbox to apply for this protection broadly.

Step 5: Click + to create a new policy.

Step 6: Apply the Block current and future emails with detected malware setting.

Step 7: When you’re done reviewing your settings, click Create this policy and then click Save.

  • Filter Suspicious Attachment Types in Your Mail

When you take a closer look at your business’ Office 365, you will see that its environment includes protection against malware. Although this is true, there are still ways that you can boost the protection it gives to your business—one of which is by blocking attachments that have suspicious file types. In many cases, malware attacks have used file types such as .EXE, .HTM, .JS, etc. to infect computers. That’s why it’s recommended that you block suspicious file types to enhance your malware protection security.

Here’s how you can do this through a few easy steps:

Step 1: Go to

Step 2: Use your admin account credentials to sign in.

Step 3: In the Office 365 Security & Compliance Center you will see a Threat management option in the left navigation pane. Click Policy and then select Anti-Malware.

Step 4: Double-click the default policy shown to edit the policy.

Step 5: Click Settings and then under the Common Attachment Types Filter, select On. After doing this, you will see a list of the file types that are blocked in a window below this control.

Step 6: Click Save.

About the Author

Comments are closed.