5 Ways to Secure Your Microsoft 365 Email from Cyberattacks

In 2010, a Forbes article set the tone for cybersecurity in the 21st century. The article advised every organization to revisit their security plan under the assumption they’ve already been hacked. Eleven years later, the corporate workforce has seen exponential growth in the number of employees working from home and accessing their company’s secure data, particularly through email interactions.  

Given the evolution of the remote work environment, it is now more critical than ever to revisit your company’s policies to protect against cyberattacks. In this article, we share 5 crucial ways to secure your company’s data via email. 

1. Multi-factor authentication (MFA)

Multi-factor authentication is a security must-have. MFA does not stop every attack (a phishing page that relays the sign-in and steals the resulting session token, or a user who approves a push prompt they did not initiate, can still let an attacker in), but requiring a second factor beyond the password defeats password spraying and credential stuffing, the bulk of automated account takeovers; Microsoft's own telemetry puts MFA as blocking more than 99.9 percent of them. It is one of the easiest controls you can deploy.

In most Microsoft 365 tenants the quickest way to require MFA for everyone is to turn on Security Defaults; tenants created after October 2019 have them on already. In the Azure portal, open Azure Active Directory (Azure AD, since renamed Microsoft Entra ID) > Properties > Manage security defaults to enable or disable them. Security defaults cannot be combined with Conditional Access policies: if you hold Azure AD Premium P1 licenses and need finer control (excluding a break-glass account, or requiring MFA only outside trusted locations), disable security defaults and enforce MFA with a Conditional Access policy instead.

Using MFA is one of the easiest and most effective ways to increase the security of your organization, so don’t overlook this simple and essential defense. 
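The check below is an added example, not code from the original article or from Microsoft: it reads the tenant's security-defaults state and Conditional Access policies with Microsoft Graph PowerShell, then lists users who still have no MFA method registered. It assumes the Microsoft.Graph module (2.x) is installed, that the signed-in admin can consent to the listed scopes, and that the tenant has the Azure AD Premium license the registration report requires.

```powershell
# Added example, not from the original article: audit MFA posture with Microsoft Graph PowerShell.
# Assumptions: Microsoft.Graph module 2.x installed; the admin can consent to these scopes; the
# tenant holds the Azure AD Premium license the user registration report needs.
Connect-MgGraph -Scopes 'Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess',
                        'UserAuthenticationMethod.Read.All', 'AuditLog.Read.All'

# 1. Is MFA enforced tenant-wide, and by which mechanism?
$defaults   = Get-MgPolicyIdentitySecurityDefaultEnforcementPolicy
$caPolicies = @(Get-MgIdentityConditionalAccessPolicy -All)

if ($defaults.IsEnabled) {
    Write-Host 'Security defaults: ENABLED (MFA registration is enforced for all users).'
}
elseif ($caPolicies.Count -gt 0) {
    Write-Host "Security defaults are off; $($caPolicies.Count) Conditional Access policies exist instead."
    # Confirm at least one *enabled* policy actually grants access only with MFA.
    $caPolicies |
        Where-Object { $_.State -eq 'enabled' -and $_.GrantControls.BuiltInControls -contains 'mfa' } |
        Select-Object DisplayName, State | Format-Table -AutoSize
}
else {
    Write-Warning 'Neither security defaults nor any Conditional Access policy is in place: MFA is not enforced.'
    # Turn security defaults on. Build a Conditional Access policy instead if you need exclusions
    # (e.g. a break-glass account): the two mechanisms cannot be active at the same time.
    Update-MgPolicyIdentitySecurityDefaultEnforcementPolicy -IsEnabled:$true
}

# 2. Who has no MFA method registered? Password-spray campaigns succeed against exactly these accounts.
$users        = @(Get-MgReportAuthenticationMethodUserRegistrationDetail -All)
$unregistered = @($users | Where-Object { -not $_.IsMfaRegistered })

$unregistered |
    Sort-Object IsAdmin -Descending |          # admins without MFA go to the top of the list
    Select-Object UserPrincipalName, IsAdmin,
                  @{ Name = 'Methods'; Expression = { $_.MethodsRegistered -join ', ' } } |
    Format-Table -AutoSize

$unregisteredAdmins = @($unregistered | Where-Object { $_.IsAdmin }).Count
Write-Host ("{0} of {1} users have no MFA method registered ({2} of them hold admin roles)." -f
    $unregistered.Count, $users.Count, $unregisteredAdmins)
```

Run the report before and after enabling security defaults: the defaults force registration at next sign-in, so the unregistered list should shrink over the following days, and any admin account that stays on it deserves a phone call.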

2. Increase malware protection with attachment type filtering

Every Microsoft 365 environment includes anti-malware scanning through Exchange Online Protection, but we recommend being proactive by blocking attachments whose file types are commonly used to deliver malware, whether or not the scanner recognizes the particular sample.

In the Security and Compliance Center, navigate to Threat Management > Policy > Anti-Malware (in the newer Microsoft 365 Defender portal the same policy lives under Email & collaboration > Policies & rules > Threat policies > Anti-malware). Edit the Default policy, which applies to the whole tenant, and turn on the Common Attachment Types Filter. The default list of blocked extensions is shown directly under the toggle; you can add or remove extensions to suit your environment.
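The same change from Exchange Online PowerShell, as an added example that is not part of the original article. It assumes the ExchangeOnlineManagement module is installed, the account holds the Security Administrator or Exchange Administrator role, and that the extra extensions listed are sensible for your tenant (they are an illustrative set, not Microsoft's default list).

```powershell
# Added example, not from the original article: enable the common attachment types filter on the
# Default anti-malware policy and extend its list without dropping the entries already there.
# Assumptions: ExchangeOnlineManagement module installed; Security/Exchange Administrator role.
Connect-ExchangeOnline

$policy = Get-MalwareFilterPolicy -Identity Default
Write-Host "Filter enabled: $($policy.EnableFileFilter); $(@($policy.FileTypes).Count) extensions currently blocked."

# Extensions to block in addition to the built-in list (illustrative set). Container and script
# formats are here because they routinely smuggle an executable past a user who would never open a .exe.
$additional = 'iso', 'img', 'vhd', 'vhdx', 'jar', 'lnk', 'hta', 'scr', 'vbs', 'vbe', 'js', 'jse',
              'wsf', 'wsh', 'ps1', 'psm1', 'cab', 'msi', 'reg'

# -FileTypes replaces the whole list, so merge with the existing entries instead of overwriting them.
$merged = @($policy.FileTypes) + $additional | ForEach-Object { $_.ToLower() } | Sort-Object -Unique

Set-MalwareFilterPolicy -Identity Default -EnableFileFilter $true -FileTypes $merged

# Newer tenants also expose -FileTypeAction: Reject bounces the message with an NDR, Quarantine holds
# it for review. Quarantine is the safer choice while you are still tuning the list:
#   Set-MalwareFilterPolicy -Identity Default -FileTypeAction Quarantine

# Verify the change.
Get-MalwareFilterPolicy -Identity Default | Select-Object EnableFileFilter, FileTypes

# Custom anti-malware policies (the ones with a rule) take precedence over Default for the recipients
# they target. If any exist, apply the same filter settings to them too.
Get-MalwareFilterRule | Select-Object Name, Priority, State, RecipientDomainIs, SentToMemberOf
```

Two caveats a practitioner will want: the filter uses best-effort true-type detection, so renaming payload.exe to payload.txt does not defeat it, but nothing in EOP can inspect a password-protected archive, which is why the archive formats attackers favor belong on the list; and because the list is extension-based it is a complement to the mail flow rules in the next section, not a replacement for them.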

3. Protect against ransomware macros

Ransomware restricts access to data by encrypting files or locking computers; the attackers then demand payment in exchange for restoring access. The damage goes well beyond the ransom. During the 2017 WannaCry outbreak, hospitals in the UK's National Health Service had to cancel thousands of appointments and divert ambulances because staff could not reach their systems.

To protect your company against ransomware, we recommend creating at least one mail flow rule that blocks or flags the file extensions commonly used to deliver it.

For example, ransomware is often delivered through a macro in an Office document, so add a rule that warns users about macro-enabled Office attachments (docm, xlsm, pptm and their relatives) arriving from outside the organization.

You'll also want to block file types that could contain ransomware or other malicious code, being careful not to disrupt your company's workflow. Start with a common list of executable extensions (listed in the table below); if your organization legitimately exchanges any of them by email, move those extensions to the warn rule instead, or you'll be blocking important mail.
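The warn rule and the block rule described above, created with Exchange Online PowerShell, as an added example that is not the article's own configuration. It assumes the ExchangeOnlineManagement module is installed and an Exchange Administrator account; the extension lists are an illustrative starting set (not the table that accompanied the post) and should be trimmed to your own workflows.

```powershell
# Added example, not from the original article: a warn rule for macro-enabled Office attachments and
# two block rules for executables. Assumptions: ExchangeOnlineManagement module installed, Exchange
# Administrator role; extension lists are an illustrative starting set, adjust them to your tenant.
Connect-ExchangeOnline

# Rule 1: warn, don't block. Macro-enabled Office formats from outside the organization get a subject
# tag and a banner so the recipient pauses before clicking "Enable Content".
$macroExtensions = 'docm', 'dotm', 'xlsm', 'xltm', 'xlam', 'pptm', 'potm', 'ppam', 'ppsm', 'sldm'
New-TransportRule -Name 'Warn: macro-enabled Office attachment from outside' `
    -FromScope NotInOrganization `
    -AttachmentExtensionMatchesWords $macroExtensions `
    -PrependSubject '[CAUTION: macro attachment] ' `
    -ApplyHtmlDisclaimerLocation Prepend `
    -ApplyHtmlDisclaimerText '<p style="color:#b00000">This external message carries a macro-enabled Office file. Do not enable macros unless you were expecting it and can confirm the sender by another channel.</p>' `
    -ApplyHtmlDisclaimerFallbackAction Wrap `
    -Priority 0

# Rule 2: block by extension. Created in Audit mode: nothing is rejected yet, but message trace shows
# what would have been, so you can find legitimate senders before switching to Enforce.
$executableExtensions = 'ade', 'adp', 'bas', 'bat', 'chm', 'cmd', 'com', 'cpl', 'crt', 'hlp', 'hta',
                        'inf', 'ins', 'isp', 'js', 'jse', 'lnk', 'mda', 'mdb', 'mde', 'msc', 'msi',
                        'msp', 'mst', 'pif', 'reg', 'scr', 'sct', 'shs', 'vb', 'vbe', 'vbs', 'wsc',
                        'wsf', 'wsh', 'exe'
New-TransportRule -Name 'Block: executable attachment types' `
    -AttachmentExtensionMatchesWords $executableExtensions `
    -RejectMessageReasonText 'Attachment type not permitted by policy. Ask the sender to share the file another way.' `
    -RejectMessageEnhancedStatusCode '5.7.1' `
    -Mode Audit `
    -Priority 1

# Rule 3: block by content, not by name. AttachmentHasExecutableContent inspects the file itself, so an
# executable renamed to invoice.pdf.txt is still caught even though rule 2 would miss it.
New-TransportRule -Name 'Block: executable content regardless of extension' `
    -AttachmentHasExecutableContent $true `
    -RejectMessageReasonText 'Executable content is not permitted by policy.' `
    -RejectMessageEnhancedStatusCode '5.7.1' `
    -Mode Audit `
    -Priority 2

# After reviewing the audit results (Get-MessageTrace plus the rule hits in the mail flow report):
# Set-TransportRule -Identity 'Block: executable attachment types' -Mode Enforce
# Set-TransportRule -Identity 'Block: executable content regardless of extension' -Mode Enforce
```

Keep the warn rule at a higher priority (lower number) than the block rules so that an extension you deliberately moved out of the block list still gets its banner, and review the audit-mode hits for at least a full business cycle before enforcing.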

4. Disable auto-forwarding

Once an attacker has compromised a user's mailbox (a phished password is the usual route), a standard next step in business email compromise is to add an inbox rule or a mailbox forwarding setting that silently sends a copy of every incoming message to an external address, so they keep reading the victim's mail even after the password is reset. You can close this exfiltration path with a mail flow rule.

Within the Exchange admin center, create a new rule from the Mail Flow category. Select More Options at the bottom of the new mail flow dialog box to see the full set of options.

Microsoft recommends a rule with these settings: apply it if the sender is inside the organization, the recipient is outside the organization, and the message type is Auto-Forward; then reject the message with an explanation, so the owner of the mailbox holding the rule sees a non-delivery report.
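That rule, plus the two tenant-level switches that block forwarding outright and a hunt for forwarding an attacker may already have planted, as an added example that is not part of the original article. It assumes the ExchangeOnlineManagement module is installed and an Exchange Administrator account.

```powershell
# Added example, not from the original article: block automatic external forwarding at three layers and
# hunt for forwarding rules already in place. Assumptions: ExchangeOnlineManagement module installed,
# Exchange Administrator role.
Connect-ExchangeOnline

# Layer 1: the mail flow rule in the shape Microsoft documents. Auto-forwarded messages from inside the
# organization to any external recipient are rejected with an NDR the mailbox owner will see.
New-TransportRule -Name 'Reject auto-forward to external domains' `
    -FromScope InOrganization `
    -SentToScope NotInOrganization `
    -MessageTypeMatches AutoForward `
    -RejectMessageReasonText 'Automatic forwarding to addresses outside the organization is not permitted.' `
    -RejectMessageEnhancedStatusCode '5.7.1'

# Layer 2: the outbound spam policy switch. Off blocks every forwarding mechanism (inbox rules, mailbox
# forwarding set by admins, forwarding set in Outlook settings) for the whole tenant.
Set-HostedOutboundSpamFilterPolicy -Identity Default -AutoForwardingMode Off

# Layer 3: the remote domain setting, the older control that predates the policy switch.
Set-RemoteDomain -Identity Default -AutoForwardEnabled $false

# Hunt 1: mailbox-level forwarding. A user's stolen password is enough to set this from Outlook on the
# web, and a compromised admin can set it on anyone.
Get-EXOMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox `
    -Properties ForwardingSmtpAddress, ForwardingAddress, DeliverToMailboxAndForward |
    Where-Object { $_.ForwardingSmtpAddress -or $_.ForwardingAddress } |
    Select-Object UserPrincipalName, ForwardingSmtpAddress, ForwardingAddress, DeliverToMailboxAndForward |
    Format-Table -AutoSize

# Hunt 2: inbox rules that forward or redirect. Rules named "." or "RSS", and rules that also delete the
# original so the victim never sees it, are classic business email compromise tradecraft.
$suspect = foreach ($mbx in Get-EXOMailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox) {
    Get-InboxRule -Mailbox $mbx.UserPrincipalName |
        Where-Object { $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo } |
        Select-Object @{ Name = 'Mailbox'; Expression = { $mbx.UserPrincipalName } },
                      Name, Enabled, ForwardTo, ForwardAsAttachmentTo, RedirectTo, DeleteMessage
}
$suspect | Format-Table -AutoSize
```

The mail flow rule alone only rejects the copies as they leave; the outbound spam policy setting stops forwarding at the source and is the control to rely on. Hunt 2 calls Get-InboxRule once per mailbox, so expect it to take a while in a large tenant; run it on a schedule and alert on new hits, and remember that the unified audit log records the New-InboxRule and Set-Mailbox operations that create them.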

5. Use office message encryption

Office 365 Message Encryption (OME) is included with most Microsoft 365 business and enterprise plans (those that bundle Azure Information Protection, such as Microsoft 365 Business Premium, E3 and E5; it is not part of every subscription, so check your plan) and, once enabled for the tenant, is ready to use from the first message you send. With OME your organization can send and receive encrypted messages inside and outside the organization; recipients on Outlook.com, Yahoo!, Gmail and other services can read them after signing in or entering a one-time passcode.

OME provides two protection options when sending mail:

  • Do not forward: recipients can read the message but cannot forward, copy or print it
  • Encrypt: the message and its attachments are encrypted for the recipients, who keep the ability to forward and print

Unlike the organization-wide auto-forward block, Encrypt and Do Not Forward are applied per message: in Outlook for Windows and Mac the sender chooses them from the Encrypt button on the Options tab of a new message, and in Outlook on the web from Encrypt in the new-message toolbar. If you would rather not depend on senders remembering, a mail flow rule can apply the same templates automatically, for example to every outbound message that contains a credit card number.

More detailed information about sending, receiving, and replying to encrypted messages can be found on Microsoft's support website.
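The tenant check and the automatic rules described above, as an added example that is not part of the original article. It assumes the ExchangeOnlineManagement module is installed, an Exchange Administrator account, and that alice@contoso.com and hr@contoso.com are placeholders for a licensed test mailbox and a distribution group in your tenant.

```powershell
# Added example, not from the original article: confirm message encryption works for the tenant, then
# apply Encrypt / Do Not Forward automatically with mail flow rules instead of relying on each sender.
# Assumptions: ExchangeOnlineManagement module installed, Exchange Administrator role;
# alice@contoso.com and hr@contoso.com are placeholders.
Connect-ExchangeOnline

# Sanity check: Azure RMS must be licensed and enabled for the tenant, and a test send must pass.
Get-IRMConfiguration | Select-Object AzureRMSLicensingEnabled, SimplifiedClientAccessEnabled
Test-IRMConfiguration -Sender 'alice@contoso.com'

# Rule 1: a sender who puts "Encrypt" in the subject gets the message encrypted when it leaves the
# organization, with no need to find the button in whichever Outlook client they are using.
New-TransportRule -Name 'OME: encrypt mail with Encrypt in the subject' `
    -SentToScope NotInOrganization `
    -SubjectContainsWords 'Encrypt' `
    -ApplyRightsProtectionTemplate 'Encrypt'

# Rule 2: outbound mail carrying a credit card number is encrypted even if the sender forgets. The
# built-in sensitive information type does the pattern and checksum matching.
New-TransportRule -Name 'OME: encrypt outbound mail containing credit card numbers' `
    -SentToScope NotInOrganization `
    -MessageContainsDataClassifications @{ Name = 'Credit Card Number'; MinCount = 1 } `
    -ApplyRightsProtectionTemplate 'Encrypt'

# Rule 3: Do Not Forward for a team whose external mail must stay with the named recipients.
New-TransportRule -Name 'OME: Do Not Forward for HR correspondence' `
    -FromMemberOf 'hr@contoso.com' `
    -SentToScope NotInOrganization `
    -ApplyRightsProtectionTemplate 'Do Not Forward'

# Verify the rules exist and are enabled.
Get-TransportRule | Where-Object { $_.Name -like 'OME:*' } | Select-Object Name, State, Priority
```

Send a test message from the placeholder mailbox to a Gmail or Outlook.com address after creating each rule and confirm the recipient is taken to the encrypted-message portal; if Test-IRMConfiguration fails, fix the tenant's RMS configuration before the rules will do anything.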

The Bottom Line

The 2010 Forbes article is still relevant today, and the cyberattacks of the past decade have demonstrated the level of damage that can be inflicted. It is essential for companies to take this threat seriously to protect their data, employees, and clients.

Most of the tips offered in this post require configuration by your organization’s security admin, but security relies on everyone in your organization doing their part. To find out where your organization may have vulnerabilities for hackers to exploit, consider doing a cybersecurity assessment as soon as possible.

Windows Management Experts can help! Contact us today to take the first step towards a more secure enterprise system.


Matt Tinney

Professional IT executive & business leader having decades of experience with Microsoft technologies delivering modern-day cloud & security solutions.
