How to enable security features on Microsoft 365

Microsoft 365 has come a long way when it comes to security. Previously rudimentary security systems can now offer features such as automatic scanning of email attachments, protection against phishing and ransomware.

Users with Microsoft 365 Business plans have even more advanced security features at their disposal. However, most features must be activated manually. Here’s how to make sure Microsoft 365 is secure in use.

How to set up multi-factor authentication

Multi-factor authentication (MFA) is by far one of the easiest and most effective ways to secure your Microsoft 365 account. It basically means that whenever you log in, you will be asked to enter a code received via SMS or through an authenticator app on your phone.

So even if your password is compromised, no one can access your account unless they have the authentication code.

To take advantage of MFA, it needs to be enabled through the Microsoft 365 Admin Center and can only be done by the administrator of your organization or business.

How to enable MFA using Microsoft 365 Admin Center

Enable MFA with Microsoft 365 Admin Center
Enable MFA with Microsoft 365 Admin Center

1. Open Microsoft 365 Admin Center and login.

2. On the navigation bar towards the left, click Show All and go to Admin centers > Azure Active Directory.

3. In Azure Active Directory admin center, click again Azure Active Directory.

See more:  How to handle iTunes not recognizing your iPhone beautifully?

4. On the navigation bar, scroll down and click Properties.

5. At the bottom of the page, find and click Manage Security Defaults.

6. Change the slider to Yes then click Save.

After enabling security default features, MFA is automatically enabled for all users.

The next step is to set up a Microsoft 365 account for MFA, which means deciding if you will use SMS or an authenticator app to receive your code.

Will you use SMS or authenticator app to receive your code?
Will you use SMS or authenticator app to receive your code?

1. Once MFA is enabled, sign in to your Microsoft 365 account as usual.

2. When clicking Sign In, you will receive a prompt asking for more information. Press Next.

3. You will now be asked to choose an authentication method. Choose whichever one suits you and go to Save.

How to enable anti-malware in Microsoft 365

Another great security feature in Microsoft 365 is anti-malware. This feature automatically blocks certain types of attachments from running in Outlook. This is important because your computer can be easily hacked using attachments infected with malware.

Attachments typically end in .js, .exe or .bat, all of which are blocked when you turn on anti-malware protection.

Enable anti-malware in Microsoft 365
Enable anti-malware in Microsoft 365

To use this feature, simply visit the Microsoft 365 Admin Center:

1. In the navigation bar on the left, click Show More.

2. Now, click Admin Centers > Security & Compliance.

3. Then select Threat Management > Policy.

4. On the dashboard Policy, click Anti-malware.

5. Double-click Default to open the default policy.

6. Click Settings and in Common Attachments Type Filter, click the button On.

7. Click Save.

See more:  How to share screen in Google Hangouts

This will prevent you from receiving and sending the file types listed in the window.

You can also choose to receive notifications whenever an attachment is blocked. In addition, you can also choose whether the sender is notified of blocked attachments.

How to customize anti-phishing in Microsoft 365

Phishing is one of the most common ways to infect a computer. In a Phishing attack, the email or file is designed to look like it’s from a trusted or familiar source, but instead it tries to collect confidential data. This includes usernames, passwords, and credit card numbers. In fact, there are many types of Phishing attacks that you need to be aware of.

Although Microsoft claims that Microsoft 365 has built-in anti-Phishing protection, there are quite a few settings that you will have to enable manually to take full advantage of it.

To customize anti-Phishing options, do the following:

Customize anti-phishing in Microsoft 365
Customize anti-phishing in Microsoft 365

1. Go to Microsoft 365 Admin Center.

2. In the navigation bar on the left, below Admin centers, click Security.

3. Now let’s expand Threat Management and click Policy.

4. On the dashboard Policy, choose ATP anti-phishing.

5. In the window Anti-phishing, click Default policy.

6. In the section Impersonation, click Edit.

7. On the navigation bar, you can select Add users to protect or Add domains to protect.

8. You should click Add domains to protect, then turn on Automatically include the domains I own.

9. In the navigation bar, click Action.

10. Choose what Microsoft 365 should do when it detects email sent by an impersonated user or domain.

See more:  How to use portrait mode (Portrait Mode) in FaceTime

11. Now click Mailbox intelligence in the navigation bar and make sure the toggle is on.

12. Click Review your settings and then select Save.

After enabling these settings, your Microsoft 365 account will be better protected against phishing emails.

How to enable Smart Lockout in Microsoft 365

Smart Lockout prevents users from logging in after multiple failed attempts. Simply put, if you enter your password incorrectly a specific number of times, you will be banned from logging in for a fixed period of time.

The lock time increases proportionally to the number of login attempts with an invalid password. This is useful when hackers try to use brute force techniques to hack user accounts. However, due to the way Smart Lockout works, if the same bad password is entered multiple times, the account will not be locked.

The Smart Lockout feature can be enabled through Azure Active Directory. You should keep in mind that this feature requires you and other users to have an Azure AD P1 license or higher.

Enable Smart Lockout in Microsoft 365
Enable Smart Lockout in Microsoft 365

1. Access Azure portal and login with admin credentials.

2. Expand the navigation bar on the left and click Azure Active Directory.

3. Now click Security and navigate to Authentication methods > Password protection.

4. Here you can place Lockout threshold will determine the number of failed login attempts before activating Smart Lockout.

5. Set Lockout duration in seconds to define Smart Lockout duration..

6. Click Save and exit.

Hope you are succesful.

Source link: How to enable security features on Microsoft 365

– https://techtipsnreview.com/

, , ,

Leave a Reply

Your email address will not be published. Required fields are marked *