It's getting stormy out there in data land. In Part 1 of this series on Office 365's Advanced Threat Protection, we introduced you to the features. Now for part two, we dive deeper into Office 365's data protection measures!
The following is inspired by Andrew Bettany's Lynda.com course: Staying safe with Advanced Threat Protection (ATP).
Did you know that encryption, device protection, threat intelligence, and identity management are some of the other protective measures provided by Office 365?
All data should be protected by using encryption, this applies to when it's in transit, such as data being downloaded from One Drive for business to a local PC, but also when it's at rest. This is handy for Sage 50 CA users taking advantage of the backup to the cloud feature available with the O365 integration.
There is also a Sage Contact feature which heavily integrates with MS Outlook online to allow an overview of a client or vendor's record with your business. For more details view our blog from March 2018 called "Understanding Sage Capture, Sage Contact, and Sage Intelligence."
BitLocker Drive Encryption is used for securing data held in Microsoft Data Centers and it can also be used on Windows Computers and tablets. With Customer Key, you can control the encryption keys that are used to encrypt your Office 365 data at rest in Microsoft Data Centers. If you're transferring large amounts of data to Office 365, such as during a migration, you can request to set up a dedicated TLS channel between the endpoints so that the data can be transported securely without being accessed by a man in the middle attack (what that? Read here).
Office 365 Service Encryption is an added layer of security at the application layer for data stored and exchanged online. Skype for Business, SharePoint online, and OneDrive for Business use it. To protect emails you can encrypt and rights-protect email messages by using the Office 365 Message Encryption that uses a sure information protection technology. More and more companies and employees are embracing technology on-the-go using their mobile devices to access information and work.
Whilst this type of practice is to be embraced, we need to ensure that this does not pose a security risk for administrators. Some versions of Office 365 and Microsoft 365 include device compliance actions which allow you to control how, when and by whom your data is accessed. The device management features offered by Office 365 are not the same extensive capabilities that you might find in Microsoft Intune or Microsoft 365, but you can secure devices by setting in managing security policies for devices including requiring device encryption, the separation of corporate and personal data held on the same device. You can use remote device lock functionality if the device is lost or stolen.
How secure is your mobile device? We've got security TIPS for on the go accounting here.
Office 365 includes a feature called Threat Intelligence. Threat Intelligence analyzes patterns within your Office 365 environment to then provide you with insights and actions to prevent future attacks.
Administrators can view the information in the Office 365 Security and Compliance Center where data is gathered from user activity, authentication, emails, and security incidents. You can view the current security trends, your top targeted users, and the origin of the threats. Office 365 can manage and control devices and manage access to corporate data and applications. When combined with Microsoft Enterprise Mobility and Security, or EMS Suite, and Microsoft Intune, you can use additional functionality to prevent unauthorized access and restrict device functionality such as disabling copy and paste within a specific app, or restricting the camera function.
Lisez ce blog en français
Thanks for reading!
For more resources visit: Sage Product Support Resources for help with products in North America