Microsoft 365 Business Premium package services for easy security enhancement

Many people may not be aware that the Microsoft 365 package actually includes highly efficient data security services and features, which are often regrettably underexploited. Naturally, Microsoft takes care of the basic data security of its own servers, but it is always the customer’s responsibility to manage the security of devices and users and the way information is shared with users and third parties. Utilising the ready-made features of Microsoft 365 licences can bring significant security improvements to the company’s business in very simple and easy ways. In this article, we present three security features of the Microsoft 365 Business Premium package that are included in the licence.

MFA (Multi-Factor Authentication), strong user authentication

Multi-factor authentication means that you can’t access the service just by knowing your password. In addition to the password, the user’s identity is always verified using another method, such as an SMS, phone call or Microsoft Authenticator. This provides significant additional security in situations where the user’s password has ended up on phishing pages or has otherwise been ferreted out. Without multi-factor authentication (MFA), the user will be able to login with just a username and password.

Microsoft Authenticator is a handy app that works on both computers and mobile devices. It allows you to safely sign in to Microsoft services from a computer without a password, confirming the sign-in on your mobile device.

The availability of services is helped by Conditional Access, a feature than can easily be used to create different levels of login rules. Often, the solution is that multi-factor authentication is not necessary in the company’s internal network, but if users try to log in from outside the network, they need to authenticate with more than just a password. Access can also be restricted to certain devices, so that everything can be used normally on your organisation’s own devices but Microsoft 365 services can’t be used from your home computer, for example.

The most common problem for each user is remembering countless passwords. Fortunately, there are a couple of different services for managing passwords. Windows Hello for Business is available for Windows 10 workstations, replacing the password with strong multi-factor authentication. The user’s biometric features, such as fingerprints, eyes or face, are used instead of the password. Password-less, on the other hand, uses the aforementioned Microsoft Authenticator, so that you can also use multi-factor authentication without a password. In fact, users don’t even know their own passwords, so they can’t be hacked. This significantly reduces the risk of the password falling into the wrong hands and/or being used for criminal activities.

ATP (Advanced Threat Protection)

Malware, spam and phishing are persistent problems that will not disappear. All of these are tackled by Office 365 Advanced Threat Protection, which ensures that attachments and links sent by e-mail are always safe.

The ATP service directs attachments to be opened on a separate virtual machine for examination. The virtual machine opens the file so that automation can monitor what kind of changes the file makes to the machine. In this way, machine learning technology can provide protection against even previously unknown threats. If everything is in order, the message and attachments will be allowed into the user’s inbox, but files that appear harmful will be deleted automatically.

ATP will also investigate suspicious links for the phishing of user information. If the service notices a phishing attempt or attempted use of false identity behind the link, or notices that harmful code is downloaded to the machine, it immediately replaces the link with a new link in the e-mail. The new link leads to an error page, indicating that the link is potentially harmful.

AIP (Azure Information Protection)

The AIP function includes tools for classifying and encrypting e-mail information at the file level. A definite advantage of this function is that it operates independently of where the data is stored. The service is purely cloud-based and minimises errors made by end users. In practice, the service automatically classifies e-mails, their attachments and company data according to their importance.

Fully remote deployment

The best thing about modern security services is the fact that they can be easily deployed remotely. The service provider doesn’t need to physically visit the customer or touch the user’s computer to protect each workstation. In addition, in-depth familiarisation is not required from users, since the services work in the background and do as much as possible on behalf of users through automation.

Remote deployment is also supported by comprehensive end-user instructions on the functionalities of Microsoft 365 Business Premium security services, which are delivered in advance to each user. Users will have instructions for using the services to support their memory and, if necessary, the materials will also be tailored to the customer’s wishes and needs. End users are always supported by Itaito’s highly skilled Service Desk support.

It’s never too late to improve your company’s security, and these services can often be deployed very easily and quickly. Please contact us to learn more!

Lue lisää Itaidon palveluista täältä

How can you prevent the most typical data breach attempts? The first phishing attempt should already get you thinking

A data breach is the nightmare of every company. The idea that someone can steal your company’s and customers’ data, prevent you from accessing the data, or send messages on behalf of the company makes even the most hardened executive sweat. Fortunately, however, data...

Security Operations Center (SOC) – what goes on there?

We previously published a blog text about data breaches and how to prevent them (read the text here). Data breaches often take place via email, so you should take care of the data security of your email account at all times. However, sometimes, despite taking all...

Sleep soundly at night, NOC is watching over for you

The IT world is full of acronyms, one of which is NOC. We have already written about SOC, Security Operations Center, (read the blog text here), and NOC (Network Operations Center) is closely related to it. The Network Operations Center, or control room, monitors the...

Itaito relies on the best experts in the Nordic countries

If you ask a random person to close their eyes and form a picture of an IT expert in their mind, they usually describe someone who hides behind a computer screen and hardly speaks a word to their colleagues – or customers. Even when they do speak, the other person can...

World-class Service Desk = the highest customer satisfaction in Europe

It is important for any company to have well-maintained data networks, good network equipment, reasonably sized servers and IT infrastructure generally in order. However, the IT service that the end-users really care about and the one they are most in contact with is...

Hepacon updated its IT environment with the help of Itaito

Hepacon Oy is a well-known Finnish construction engineering company. In recent years, the company has developed its ICT environment extensively to enable its business to grow rapidly and thrive in the current fierce competition. Succeeding in both goals is not...

What should be taken into account when outsourcing a growing company’s IT services?

When a company is growing, many things need to be assessed regularly. It may be that not only the premises but also the IT environment is running out of space and begins to bind resources instead of freeing them up. What should be taken into account when planning to...

What does IT as a Service mean?

The importance of a functioning IT environment for business can’t be overemphasised. It must never slow down business, but facilitate and support it. At Itaito, we want to help companies focus on developing their own business, and we provide our customers with all the...

Outsourcing a small server environment: the project from Toshiba Tec’s perspective

Sometimes, the need for a particular IT service may be relatively small but important. This is often the case for servers: a company may not necessarily need more than a few servers, but they can be vital for business. However, the purchase and maintenance of servers...

Microsoft 365 Business Premium package services for easy security enhancement

Many people may not be aware that the Microsoft 365 package actually includes highly efficient data security services and features, which are often regrettably underexploited. Naturally, Microsoft takes care of the basic data security of its own servers, but it is...