InfoSec-Specific Executive Development for
CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive
labs to build you and your team's InfoSec skills
Microsoft 365’s default settings are optimized for productivity and collaboration, not security. Unfortunately, improving the security posture of the tenant can significantly impact the user experience of services such as Teams and OneDrive. Before
making changes, security teams must understand the micro and macro impacts of those settings on users and the overall organization. This piece outlines the key considerations and recommends settings within five primary areas of M365 that will provide
the best security return-on-investment (ROI) with the least user experience impacts.
M365’s complexity creates problems in understanding exactly where to focus security teams’ efforts. For example, every user within the M365 environment has over 7,500 combinations of settings that can be configured. Not all of these have security
ramifications, but many do and they are often obfuscated and only available as PowerShell or GraphAPI settings configured through command line tools, and not through the administrative portals associated with each M365 service.
To prioritize security efforts within M365 tenants, we recommend getting starting with:
Key steps to protecting privileged users from sophisticated attacks include:
Microsoft claims nearly 100 million people use Teams every day as the result of the huge push to remote work over the last 18 months. Unfortunately, the default Teams security settings leave a lot to be desired. Key steps here include:
From a security policy perspective, it is important to recognize all security policies configured for OneDrive are controlled through the SharePoint administrative functions. Improving one automatically improves the other. Key steps here include:
Key steps to hardening Exchange, include:
Microsoft is always changing the names of its M365 services, but most of its documentation still refers to Intune as the tool to use for mobile device management. Re-branding is under way to change everything to Endpoint Manager, but that’s still
a few months away. For ease of reference, Intune settings that can be easily searched are referenced here. Key steps here include:
The M365 platform is incredibly complex and the security options for each service change frequently. As part of our Consulting offering, we offer M365 security assessments that can be run to improve baseline configurations as
well as detect changes. Get in touch to learn more about how our Consulting and other service offerings can help improve your security program.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
June 30, 2022
By IANS Faculty
Understand how zero-click attacks work and find best practices to help detect and prevent common zero-click techniques from harming your organization.
June 28, 2022
Find guidance on how to create meaningful security metrics and KPIs for measuring risk improvement across a variety of security areas, including vulnerability management, product security and more.
June 23, 2022
Gain an understanding of the latest insider data exfiltration threats, motivations and methods. Learn best practices for insider threat detection and data exfiltration prevention to protect your organization.