11 Jan 2020
Secure Office 365 and Microsoft 365 Business Plans
If you are a small or medium-size organization using one of Microsoft's business plans and your type of organization is targeted by cyber criminals and hackers, use the guidance in this article to increase the security of your organization.
Microsoft recommends that you complete the tasks listed in the following table that apply to your service plan.
1. Microsoft Secure Score
Before you begin, check your Microsoft 365 Secure Score in the Microsoft 365 security center. From a centralized dashboard, you can monitor and improve the security for your Microsoft 365 identities, data, apps, devices, and infrastructure. You are given points for configuring recommended security features, performing security-related tasks (such as viewing reports), or addressing recommendations with a third-party application or software. With additional insights and more visibility into a broader set of Microsoft products and services, you can feel confident reporting about your organization’s security health.
Using multi-factor authentication is one of the easiest and most effective ways to increase the security of your organization. It's easier than it sounds - when you log in, multi-factor authentication means you'll type a code from your phone to get access to Microsoft 365. This can prevent hackers from taking over if they know your password. Multi-factor authentication is also called 2-step verification. Individuals can add 2-step verification to most accounts easily, for example, to their Google or Microsoft accounts. Here's how to add two-step verification to your personal Microsoft account.
For businesses using Office 365 and Microsoft 365, add a setting that requires your users to log in using multi-factor authentication. When you make this change, users will be prompted to set up their phone for two-factor authentication the next time they log in. For a training video on how to set up MFA and how users complete the setup, see set up MFA and user set up.
To set up multi-factor authentication:
1. In the admin center, select Setup.
2. In the Sign-in and security section, under Turn on multi-factor authentication (MFA), select View.
3. On the Make sign-in more secure page, select Get started.
4. Select the Require multi-factor authentication for admins and Require users to register for multi-factor authentication and block access if risk is detected check boxes.
5. Under Do you want to exclude anyone from these policies, select any users that you want to exclude from the drop-down list box.
6. Select Create policy. You will return to the Make sign-in more secure page, which will now say Manage.
After you set up multi-factor authentication for your organization, your users will be required to set up two-step verification on their devices. For more information, see Set up 2-step verification for Office 365.
For full details and complete recommendations, see Set up multi-factor authentication for Office 365 users.
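Once the policy exists, it is worth confirming that admins have actually registered a second factor and that the exclusion list from step 5 is short and intentional. The PowerShell below is an added example, not part of Microsoft's guidance: the function name Find-MfaGap, the account names and the sample records are constructed, and the property names assume the Microsoft Graph user registration details report.

```powershell
# Added example: flag accounts that the MFA policy does not yet protect.
# Assumption: live input comes from the Microsoft.Graph.Reports module, e.g.
#   Connect-MgGraph -Scopes 'AuditLog.Read.All'
#   $records = Get-MgReportAuthenticationMethodUserRegistrationDetail -All
# The sample below is constructed so the script runs without a tenant.

function Find-MfaGap {
    param(
        [Parameter(Mandatory)] [object[]] $Records,
        # Users chosen under "Do you want to exclude anyone from these policies"
        [string[]] $ExcludedUsers = @()
    )
    foreach ($r in $Records) {
        # -contains is case-insensitive, which matches how UPNs are compared
        $excluded = $ExcludedUsers -contains $r.UserPrincipalName
        $finding = $null
        if ($excluded -and $r.IsAdmin) {
            $finding = 'Admin excluded from MFA policy'
        } elseif ($excluded) {
            $finding = 'User excluded from MFA policy'
        } elseif ($r.IsAdmin -and -not $r.IsMfaRegistered) {
            $finding = 'Admin has not registered MFA'
        } elseif (-not $r.IsMfaRegistered) {
            $finding = 'User has not registered MFA'
        }
        if ($finding) {
            [pscustomobject]@{
                UserPrincipalName = $r.UserPrincipalName
                IsAdmin           = [bool]$r.IsAdmin
                Finding           = $finding
            }
        }
    }
}

# Constructed sample records (same property names as the Graph report)
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'admin@example.com';      IsAdmin = $true;  IsMfaRegistered = $true  }
    [pscustomobject]@{ UserPrincipalName = 'helpdesk@example.com';   IsAdmin = $true;  IsMfaRegistered = $false }
    [pscustomobject]@{ UserPrincipalName = 'breakglass@example.com'; IsAdmin = $true;  IsMfaRegistered = $false }
    [pscustomobject]@{ UserPrincipalName = 'scanner@example.com';    IsAdmin = $false; IsMfaRegistered = $false }
    [pscustomobject]@{ UserPrincipalName = 'alice@example.com';      IsAdmin = $false; IsMfaRegistered = $true  }
)

# Constructed exclusion list; replace with the users excluded in the admin center
Find-MfaGap -Records $sample -ExcludedUsers 'BreakGlass@example.com', 'scanner@example.com' |
    Sort-Object { -not $_.IsAdmin }, UserPrincipalName |
    Format-Table -AutoSize
```

With the sample data, three accounts are reported: the excluded admin, the admin who has not registered, and the excluded user. Admin findings sort first because those accounts carry the most risk if a password is stolen.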
For more information