January 23, 2023
Your team deployed Microsoft 365, and now all your worries are (almost) over. Having your administrator take the steps below ensures your data is secure, can be restored if lost, and keeps you appraised of future product changes.
One of the most significant advantages of deploying Microsoft 365 is the collaboration and sharing tools such as SharePoint and OneDrive to increase your organization’s productivity. Unfortunately, the default setting also allows external sharing. Without proper settings, all of your information could be available to anyone. Determine the appropriate settings for sharing permissions based on your security policies to reduce the possibility of exposing your critical data.
Yes, Microsoft is responsible for ensuring Microsoft 365 services do not lose your data, but what happens if your end-user accidentally initiates the loss? What if you are subject to a ransomware attack, virus, or hacking attack? The lines can become blurry between where the actual data loss occurs. First, read what is actually covered. Next, perform a data risk assessment to determine the worst-case scenario if a data loss occurs. Obviously, some of your company’s data is more critical than other items. For necessary data, you may want to consider a third-party backup solution.
One of the most significant advantages of Microsoft 365 is accessing your company data from anywhere at any time. This is also one of the biggest security concerns. It is crucial for your administrator managing the Microsoft 365 tenant to set up app protection policies as soon as possible to keep your company data secure and on devices that they deem safe or within their control. This, in combination with Conditional Access to restrict authentication and sign-in (from only approved countries or IP addresses), will mitigate and prevent even higher impact issues, such as ransomware attacks. You can also leverage Microsoft premium solutions to protect high-risk data.
Microsoft does offer immediate reporting as a premium service; however, if you have the basic offering, reports can take up to 48 hours for data to populate and expire after 180 days. It limits your administrator’s ability to detect issues such as compromised accounts or unusual email patterns. Evaluate your reporting needs and consider using a third-party offering (which may be more cost-effective than the premium license) for in-depth reports and automation tools to make you aware of an issue.
If you are wondering when or if a specific feature will be released or updated, you can review the Microsoft 365 roadmap. Unfortunately, it is not easy to navigate. The best way to understand what is coming is to regularly check various locations (including the roadmap), such as the Feedback Portal and message alerts.
Some of the items listed above can be easily implemented at no additional cost; thus, you can implement them as time permits. Others (for example, a third-party backup option) may require funding; therefore, you must weigh the benefit gained against the risk. We have experts available if you need assistance with Microsoft 365 administration, assessing your options, or help implementing.