• Connect With Your Ottawa IT Service Company at (613) 828--1280

Because Microsoft Office 365 is such a popular application, it’s now attracting hackers who are looking for security gaps. For this reason you should set up Multi-Factor Authentication (MFA) in your Office 365. Here, we’ll explain how to set this up, and tell you about other things you can do to keep your Microsoft Office 365 data secure.

Why Is It Important To Use MFA In Office 365?

You probably store sensitive documents like finances and confidential customer information in your Office 365. This is data that hackers are looking to steal. Because Microsoft Office 365 is cloud-based, you should always use an extra layer of security to protect it.

Multi-Factor Authentication improves user security and meets strong security policies. Office 365 provides two levels of their MFA services to meet the demands of today’s businesses in Ottawa and the National Capital Region. This means that every authentication for Office 365 will require MFA except with logins from trusted sources that you define.

How To Enable Multi-Factor Authentication In Your Office 365 Account

When you set up MFA in Office 365 it requires a password and one more verification methods when signing in. This will ensure that no one else can sign into your account.

Here’s what to do:

Go to www.office.com and sign in.

Put in your email address and password.

You’ll be prompted to add more information so you can use Multi-Factor Authentication.

Click “Next” and you’ll see the page below.

You’ll have the option to use a phone call, text message or a Windows Authentication Application on your phone to authenticate your identity.

We’re going to choose a text message (or SMS).

Enter your country, your phone number, and the method you choose (text message/SMS).

Click “Next.”

You’ll be asked to confirm your phone number. Then a text message will be sent to your phone with a code for you to use to authenticate.

Enter the code that you received and click “Verify.”

Once you’ve completed these steps, you’ve successfully set up Multi-Factor Authentication in Office 365.

Some applications require a second password in order to authenticate because they don’t support Multi-Factor Authentication. However, this is not the case in Microsoft Office 365 2013 or 2016. If you come across and application that requires a password, we can help you out.

How To Change Your Multi-Factor Authentication Setting In Office 365

Go to the top right corner of your computer screen and click the gear icon.

Open your Office 365 app setting.

Click on Security & Privacy.

Go to “Additional Security & Privacy Information” where you can update your phone number.

A screenshot of a cell phone Description automatically generated

Go to “Create & Manage App Passwords.”

Here you can set it to use the “Authenticator app or Token.”

Now MFA should be activated in your Office 365 to provide an additional layer of security.

But there’s more you can do…

What Else Can You Do To Protect Your Office 365 Solution?

With Microsoft Secure Score in the Microsoft 365 Security Center, you can gain more knowledge and control over your business’s security standing.

You’ll have access to a centralized dashboard where you can monitor the health and improve the security for your Microsoft 365 identities, data, apps, devices, and infrastructure.

Perform A Health & Security Check On Your Office 365 Environment

Microsoft Secure Score allows you to complete security improvement actions within your company and track the history of your score.

It provides visualizations, an integration with other Microsoft products, a comparison of your score with other companies, filtering by category, and much more. Your score can also show the third-party solutions that have addressed the recommended improvement actions.

Here’s the most direct way to get to the Security & Compliance Center:

  1. Go to https://protection.office.com.
  2. Sign in to Office 365 using your work account.

You’re provided points when you apply recommended security features, perform security-related tasks (such as viewing reports), or address an improvement action using a third-party application or software.

Some actions, like using Multi-Factor Authentication (MFA), are scored for partial completion. Microsoft understands that security should always be balanced with usability. They know that every one of their recommendations might not work in your particular Office 365 environment.

Who Can View Your Microsoft Secure Score?

Your company’s Microsoft Secure Score can only be viewed by your:

  • Global Administrator
  • Security Administrator
  • Security Reader

These roles are assigned in the Azure Active Directory. If you have difficulty doing this, contact your IT support company for assistance.

What Else Should You Know?

In your Microsoft Secure Score, you can find additional recommendations from Azure Active Directory, Intune, and Cloud App Security. Additional recommendations will be coming from the Azure Security Center and Windows Defender ATP. You can also get your score using the Microsoft Graph API.

How Are Microsoft’s Security Recommendations Organized?

Microsoft recommendations are organized into groups to help you find the information you need:

  • Identity (the state of security for your Azure AD accounts and roles)
  • Data (the state of security for your Office 365 documents)
  • Device (the protection state of the devices you use)
  • Applications (the state of security for your email and cloud apps)
  • Infrastructure (the protection state of your Azure resources; coming soon)

Where Can You Find An Overview Of Your Office 365 Security?

The Microsoft Secure Score Overview Page provides an all-up view of your total score, the historical trend of your secure score with benchmark comparisons, and prioritized improvement actions that you can take to improve your score.

How Can You Take Actions To Improve Your Score?

You’ll find an Improvements Actions Tab that lists all the recommended actions you can take. It also shows the status of your recommended actions: completed, not completed, resolved through a third party, and ignored.

The actions labelled “Not Scored” aren’t tracked by Microsoft Secure Score. These are things that you can do to improve your security, but they won’t affect your Microsoft Secure Score.

What Third-Party Security Options Do You Have?

It’s best that you ask your IT support company. They may have their own recommendations for your business based on an overall IT security assessment of your infrastructure. In the meantime, two Office 365 security solutions that you can ask them about are:

  1. 2-Factor Authentication for Office 365
  2. An Office 365 Back-Up Solution

With MFA, a Health & Security Check, and the customized security solutions from your IT services company in Ottawa, you can feel confident about your company’s Office 365 security standing.

Need more information about cybersecurity? Check out these links:

Published On: 3rd June 2019 by Ernie Sherman.