Our 12 Favourite Microsoft 365 Security Features


Share This Post

Within this blog, I will be discussing the 12 built-in security tools for Microsoft 365 that every small business should be using. Microsoft 365 offers some excellent features in their plans regardless of if you are on a high-level plan or low, but unfortunately, many companies that use Microsoft 365 do not utilise the security features offered within Microsoft 365. So, we are here to tell you all about them. 

Multifactor Authentication

We’ve taken on eight new customers in the past week, and none of them had Multifactor Authentication enabled! MFA is built into each Microsoft 365 plan and can help prevent 99.9% of cyber identity attacks. So, what are you waiting for? 

Email Encryption

We’re sorry to break it to you, but email is not secure…

When you write an Email, it is like sending a letter. First, you send it from A, but after that, you just have to hope it gets to B without being intercepted. You can now ensure your emails are secure by using encryption to scramble up your sent emails and unscramble them when received by the correct email mailbox. 

Safe attachments

Cybercriminals LOVE ransomware. Why? Because it makes them loads of money! This is done by adding attachments with malware or ransomware; these attachments are designed to make you want to click on them without much thought or doubt. However, safe attachments can filter out the hacker’s emails and prevent you from receiving them. 

Compliance Policies

How secure are the devices, laptops and computers that are accessing your Microsoft 365 data? 

Perhaps your business uses freelancers. How can you verify that the devices they’re using are secure? Well,  you could use something called Compliance Policies within Microsoft 365. You could configure your policies to ensure that every computer accessing your Microsoft 365 data has an antivirus installed, an encrypted hard drive with Bitlocker, and maybe a secure PIN to log on with. It’s up to you. 

Safe Links

It is very common to receive emails with valid links. Perhaps, these are emails from colleagues or clients. We all use hyperlinks; however, once again, cybercriminals have taken advantage of this and include links within their emails that may contain malware or ransomware, and sometimes even send you to a bogus website, so you enter your username and password for a site such as Microsoft 365. Before you know it, cybercriminals will have your details. Setting up safe links means that Microsoft 365 will scan these links for you and ensure they are not dodgy. 

Exchange online protection

Over 90% of cyberattacks originate from email. With exchange online protection, every mailbox you buy can, and will, help to protect against spam, phishing and malware. You do have to go into the back-end admin portal. However, it will help you protect your business.

Defender For Endpoint 

I’m sure that we all agree every device within your business needs security software installed. However, Microsoft 365 is a cloud application… So do you need to buy a third-party tool such as Sophos or Eset? Nope! Defender for endpoint provides robust antivirus software for each of your devices, so there is no necessity to buy a third-party product and waste your money. 

Data loss Prevention

This is a product that I don’t see many businesses using. This assists in preventing people from within your business sharing sensitive data; This data might be valuable or regulated. 

You can create DLP policies for the data you value the most, such as credit card information. DLP is intelligent enough to know when someone is trying to share this data, and it will block it. 

Sensitivity labels

There will be documents within your business that are highly valuable to you, and you do not want certain people to view, print out or share them. For example, a spreadsheet with data containing every employee’s salary information. If this was to be accidentally or intentionally shared with the rest of your business, it could cause numerous issues with your company and employees. By applying sensitivity labels to documents, you can dictate who can access the comment or SharePoint site. 

Email Retention Policies. 

Email is an integral part of the business; we rely on it daily to communicate with clients, co-workers and employees. So, we may want to keep the critical data that is contained within these emails. Unfortunately, people often purge through their mailbox, deleting every email they believe is not essential. Your business should save all emails sent or received by anyone in your industry. People within your business should not be allowed to delete emails, even if it is as simple as cross-checking an order or an email concerning compliance. Either way, an email retention policy can ensure every email sent or received within the last 10 years stays in Microsoft 365. 

Conditional Access Policies

Have you ever been turned away from an event or venue for being too young or dressed inappropriately? Whatever the reason, these are conditions of access. In Microsoft 365, you can do the same thing, such as putting a policy in place so that only people with MFA or who are within the UK can access your DATA. They’re an excellent cyber security measure for small businesses. 

Vulnerability Management

If you know that someone is vulnerable, for example having issues walking or they’re very elderly, then you take action to protect them. In IT, you need to know where your security vulnerabilities are to protect your business from getting targeted in that area. This is where Vulnerability management comes in, It is quite a new tool, but we have not seen any companies that have been using it so far. 

Your business should implement these cyber security measures in your business in order to improve your cyber hygiene. 


Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

How to use Microsoft to do

The ULTIMATE Microsoft To Do Tutorial

How do you handle your to-do lists? Do you write tasks on scraps of paper? Or do you pop them in a notebook? Perhaps you have a digital application such as Todoist!  If you’re a Microsoft 365 user, you already pay for a task management system! It is called Microsoft To Do.  We all have

Zero Trust Holy Grail

Is Zero Trust Security The Holy Grail OF Cyber Security?

USA president, Joe Biden, thinks that Zero Trust is the way to go in your cyber security journey, but, what is Zero Trust, and what does it mean for your business?  When it comes to your business, I’m sure you’ve got a strategy in place for how you’re going to win new business, market your

Scroll to Top