1. Ensure Multi-Factor Authentication is active for all users
2. Identify and record all users that have administrative privileges
3. Review and confirm secure password policies are in place
4. Check that account lockouts are enabled for multiple incorrect login attempts
5. Verify data loss prevention policies are set up
6. Approval: Data Loss Prevention Policy
7. Configure and validate malware and spam protection settings
8. Set up alerts for suspicious activities
9. Audit and log all Office 365 activities
10. Ensure that all data is encrypted in transit and at rest
11. Approval: Encryption Policies
12. Check that all users have proper licenses for the services they are using
13. Confirm that the Secure Score is being monitored and improved
14. Confirm that all shared content is only accessible to required users
15. Approval: Shared Content Access
16. Set up mobile device management for Office 365
17. Verify Regular Software Updates and Patches
18. Approve plan for regular security training for all users
19. Check that all users are only using secure and approved apps
20. Approval: Security Training Plan
Ensure Multi-Factor Authentication is active for all users
Implement multi-factor authentication for all users to add an extra layer of security to their accounts. This will require users to provide additional verification, such as a code sent to their mobile device, in addition to their password. By enabling multi-factor authentication, we can greatly reduce the risk of unauthorized access and protect sensitive information. How can we ensure all users have enabled multi-factor authentication? What challenges might arise during this process and how can we overcome them? Are there any specific resources or tools that can help us with this task?
1. Inform users about the importance of multi-factor authentication
2. Provide instructions on how to enable multi-factor authentication
3. Monitor and track progress of users enabling multi-factor authentication
4. Offer assistance and support to users facing difficulties
5. Regularly remind and follow up with users who have not enabled multi-factor authentication
Identify and record all users that have administrative privileges
Identify and record all users who have administrative privileges in Office 365. Administrative privileges grant users extra control and access within the system, which can pose a potential security risk if not properly managed. By keeping a record of these users, we can ensure that only authorized individuals have administrative capabilities. What are the potential consequences of granting unauthorized users administrative privileges? How can we identify and verify users with administrative privileges? Are there any specific tools or resources that can assist us in this task?
1. Access the Office 365 Admin Center
2. Review user roles and permissions
3. Identify users with administrative privileges
4. Record the names and roles of users with administrative privileges
5. Regularly review and update the list of users with administrative privileges
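The two preceding tasks (tracking who has enabled multi-factor authentication, and keeping a record of who holds administrative privileges) are best reviewed together, because an administrator without MFA is the finding that matters most. The following is an added example, not part of this checklist and not a Microsoft tool: it cross-checks a constructed role-membership table against a constructed MFA-registration table (both field layouts are assumptions standing in for an admin-center or Graph export) and reports admins lacking MFA, admins missing from the MFA report, ordinary users without MFA, and an oversized Global Administrator group (the limit of four is this example's assumption).

```python
"""Cross-check admin role membership against MFA registration.

Added example, not part of this checklist. Both tables below are constructed
sample data shaped like an admin-center or Graph export (assumption: the field
layout is illustrative, not a fixed Microsoft export format).
"""

# Constructed sample: activated directory roles and their members (UPNs).
ROLE_MEMBERS = {
    "Global Administrator": ["alice@example.com", "bob@example.com", "svc-backup@example.com"],
    "Exchange Administrator": ["carol@example.com"],
    "Helpdesk Administrator": ["dave@example.com", "erin@example.com", "temp-contractor@example.com"],
}

# Constructed sample: per-user MFA status from an authentication-methods report.
# True means at least one strong second factor is registered.
MFA_REGISTERED = {
    "alice@example.com": True,
    "bob@example.com": False,
    "carol@example.com": True,
    "dave@example.com": True,
    "erin@example.com": False,
    "frank@example.com": False,   # ordinary user, no admin role
    "grace@example.com": True,
    "svc-backup@example.com": False,
}

# Review threshold (assumption): keep Global Administrator membership small.
MAX_GLOBAL_ADMINS = 4


def admin_inventory(role_members):
    """Return sorted (upn, [roles]) pairs for every account holding any admin role."""
    by_user = {}
    for role, members in role_members.items():
        for upn in members:
            by_user.setdefault(upn, []).append(role)
    return sorted((upn, sorted(roles)) for upn, roles in by_user.items())


def review_findings(role_members, mfa_registered, max_global_admins=MAX_GLOBAL_ADMINS):
    """Return (severity, message) tuples.

    HIGH:   admin role member with no MFA, or absent from the MFA report entirely
    MEDIUM: any non-admin user without MFA
    MEDIUM: more Global Administrators than max_global_admins
    """
    findings = []
    inventory = admin_inventory(role_members)
    admins = {upn for upn, _ in inventory}

    for upn, roles in inventory:
        status = mfa_registered.get(upn)
        held = ", ".join(roles)
        if status is None:
            findings.append(("HIGH", f"{upn} holds {held} but is missing from the MFA report"))
        elif not status:
            findings.append(("HIGH", f"{upn} holds {held} without MFA"))

    for upn, status in sorted(mfa_registered.items()):
        if not status and upn not in admins:
            findings.append(("MEDIUM", f"{upn} has no MFA registered"))

    ga_count = len(role_members.get("Global Administrator", []))
    if ga_count > max_global_admins:
        findings.append(("MEDIUM", f"{ga_count} Global Administrators exceeds the limit of {max_global_admins}"))
    return findings


if __name__ == "__main__":
    for upn, roles in admin_inventory(ROLE_MEMBERS):
        print(f"{upn}: {', '.join(roles)}")
    for severity, message in review_findings(ROLE_MEMBERS, MFA_REGISTERED):
        print(f"[{severity}] {message}")
```

Feeding the script a real export is a matter of replacing the two constructed tables; the point of keying everything on the user principal name is that an account appearing in a role list but nowhere in the MFA report (here the contractor account) is itself a finding, not a gap to ignore.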
Review and confirm secure password policies are in place
Review and confirm that secure password policies are in place for Office 365. Strong passwords are essential for protecting user accounts and preventing unauthorized access. By enforcing secure password policies, we can ensure that users create strong, unique passwords that are difficult to guess or crack. What are the elements of a secure password policy? How can we verify and enforce these policies? Are there any recommended resources or tools for implementing secure password policies?
1. Review current password policies
2. Assess the strength and effectiveness of existing password policies
3. Identify areas for improvement or changes
4. Update password policies to include secure requirements
5. Communicate and educate users about the new password policies
Check that account lockouts are enabled for multiple incorrect login attempts
Verify that account lockouts are enabled for multiple incorrect login attempts in Office 365. Account lockouts add an extra layer of security by temporarily locking an account after a certain number of unsuccessful login attempts. This helps protect against brute-force attacks and unauthorized access attempts. How can we check if account lockouts are enabled? What should be the threshold for triggering an account lockout? Are there any challenges or concerns related to implementing account lockouts?
Threshold options for triggering a lockout (number of incorrect attempts):
1. 3
2. 5
3. 10
4. Unlimited
Verify data loss prevention policies are set up
Verify that data loss prevention (DLP) policies are set up in Office 365. DLP policies help prevent the accidental or intentional exposure of sensitive information by monitoring, detecting, and preventing the unauthorized transmission of data. By setting up DLP policies, we can protect valuable data and ensure compliance with regulatory requirements. How can we verify and configure DLP policies? What are the key elements to consider when setting up DLP policies? Are there any recommended resources or tools for this task?
1. Review current DLP policies
2. Assess the effectiveness of existing DLP policies
3. Identify areas for improvement or changes
4. Update or create new DLP policies based on the organization's needs
5. Regularly monitor and update DLP policies
Approval: Data Loss Prevention Policy
Will be submitted for approval:
Verify data loss prevention policies are set up
Configure and validate malware and spam protection settings
Configure and validate the malware and spam protection settings in Office 365. Malware and spam are common security threats that can compromise the integrity of the system and put sensitive data at risk. By configuring and validating the malware and spam protection settings, we can minimize the chances of malware infections and reduce the amount of spam in user emails. What are the recommended settings for malware and spam protection? How can we validate the effectiveness of these settings? Are there any additional resources or tools that can help in this task?
1. Access the Exchange Admin Center
2. Review and configure malware protection settings
3. Review and configure spam protection settings
4. Test the effectiveness of the configured settings
5. Monitor and fine-tune the settings based on the results
Set up alerts for suspicious activities
Set up alerts for suspicious activities in Office 365. Suspicious activities, such as unauthorized access attempts or unusual user behavior, can indicate potential security threats. By configuring alerts, we can receive notifications when such activities occur and take immediate action to mitigate risks. What types of suspicious activities should be monitored? How can we configure and customize alerts based on our organization's needs? Are there any recommended tools or resources for setting up alerts?
1. Multiple failed login attempts
2. Unusual file sharing activity
3. Irregular email forwarding
4. Access from suspicious IP addresses
5. Abnormal user behavior patterns
Audit and log all Office 365 activities
Audit and log all Office 365 activities to keep a record of user actions and system events. Auditing and logging help detect suspicious activities, troubleshoot issues, and provide an audit trail for compliance purposes. By implementing comprehensive auditing and logging practices, we can ensure accountability and enhance the overall security posture. How can we enable and configure auditing and logging in Office 365? What are the key events or actions that should be audited and logged? Are there any recommended tools or resources for implementing auditing and logging?
1. Access the Security & Compliance Center
2. Review and enable auditing and logging settings
3. Specify the events or actions to be audited and logged
4. Regularly review and analyze the audit logs
5. Take appropriate actions based on the findings
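The alert types listed under "Set up alerts for suspicious activities" and the "review and analyze the audit logs" step above amount to a few rules run over exported records, and the failed-login rule uses the same kind of attempt threshold the lockout task chooses between. The following is an added example, not part of this checklist and not a Microsoft feature: it runs three such rules over constructed JSON-lines records loosely shaped like unified audit log entries (the field names, the trusted network ranges and the thresholds are all assumptions), flagging a burst of failed logins per user inside a sliding window, successful sign-ins from outside known ranges, and inbox rules that forward or redirect mail.

```python
"""Simple alert rules over exported Office 365 audit-log records (added example).

The records below are constructed JSON lines loosely shaped like unified audit
log entries; only the fields used here are modelled (assumption).
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample audit records, one JSON object per line.
SAMPLE_LOG = """\
{"CreationTime": "2024-03-01T08:00:05", "Operation": "UserLoginFailed", "UserId": "bob@example.com", "ClientIP": "203.0.113.10"}
{"CreationTime": "2024-03-01T08:00:20", "Operation": "UserLoginFailed", "UserId": "bob@example.com", "ClientIP": "203.0.113.10"}
{"CreationTime": "2024-03-01T08:00:41", "Operation": "UserLoginFailed", "UserId": "bob@example.com", "ClientIP": "203.0.113.10"}
{"CreationTime": "2024-03-01T08:01:02", "Operation": "UserLoginFailed", "UserId": "bob@example.com", "ClientIP": "203.0.113.10"}
{"CreationTime": "2024-03-01T08:01:30", "Operation": "UserLoginFailed", "UserId": "bob@example.com", "ClientIP": "203.0.113.10"}
{"CreationTime": "2024-03-01T09:15:00", "Operation": "UserLoggedIn", "UserId": "alice@example.com", "ClientIP": "198.51.100.7"}
{"CreationTime": "2024-03-01T09:16:00", "Operation": "UserLoggedIn", "UserId": "carol@example.com", "ClientIP": "10.20.0.15"}
{"CreationTime": "2024-03-01T09:20:00", "Operation": "New-InboxRule", "UserId": "alice@example.com", "ClientIP": "198.51.100.7", "Parameters": [{"Name": "ForwardTo", "Value": "someone@external.example"}, {"Name": "DeleteMessage", "Value": "True"}]}
{"CreationTime": "2024-03-01T10:00:00", "Operation": "UserLoginFailed", "UserId": "carol@example.com", "ClientIP": "10.20.0.15"}
{"CreationTime": "2024-03-01T14:00:00", "Operation": "UserLoginFailed", "UserId": "carol@example.com", "ClientIP": "10.20.0.15"}
"""

# Assumption: the organisation's known egress ranges (office and VPN).
TRUSTED_NETWORKS = [ip_network("10.20.0.0/16"), ip_network("203.0.113.0/24")]

# Thresholds (assumptions): this many failures per user inside the window raises an alert.
FAILED_LOGIN_THRESHOLD = 5
FAILED_LOGIN_WINDOW = timedelta(minutes=10)
# Inbox-rule parameters that send a copy of mail somewhere else.
FORWARDING_PARAMS = {"ForwardTo", "ForwardAsAttachmentTo", "RedirectTo"}


def parse_records(text):
    """Parse JSON lines into dicts, converting CreationTime to datetime, oldest first."""
    records = []
    for line in text.splitlines():
        if line.strip():
            rec = json.loads(line)
            rec["CreationTime"] = datetime.fromisoformat(rec["CreationTime"])
            records.append(rec)
    return sorted(records, key=lambda r: r["CreationTime"])


def failed_login_bursts(records, threshold=FAILED_LOGIN_THRESHOLD, window=FAILED_LOGIN_WINDOW):
    """Return {user: failures} for users whose failures reach the threshold inside one sliding window."""
    times = defaultdict(list)
    for r in records:
        if r["Operation"] == "UserLoginFailed":
            times[r["UserId"]].append(r["CreationTime"])
    alerts = {}
    for user, ts in times.items():          # ts is already in time order
        start = 0
        for end in range(len(ts)):
            while ts[end] - ts[start] > window:
                start += 1                  # slide the window forward
            if end - start + 1 >= threshold:
                alerts[user] = end - start + 1
    return alerts


def untrusted_logins(records, trusted=TRUSTED_NETWORKS):
    """Return (user, ip) for successful sign-ins from outside the trusted ranges."""
    hits = []
    for r in records:
        if r["Operation"] == "UserLoggedIn":
            ip = ip_address(r["ClientIP"])
            if not any(ip in net for net in trusted):
                hits.append((r["UserId"], r["ClientIP"]))
    return hits


def forwarding_rules(records, params=FORWARDING_PARAMS):
    """Return (user, destination) for inbox rules that forward or redirect mail."""
    hits = []
    for r in records:
        if r["Operation"] in ("New-InboxRule", "Set-InboxRule"):
            for p in r.get("Parameters", []):
                if p["Name"] in params:
                    hits.append((r["UserId"], p["Value"]))
    return hits


def run_alerts(text):
    """Run every rule and return a flat list of alert strings."""
    records = parse_records(text)
    alerts = [f"failed-login burst: {u} ({n} failures)" for u, n in failed_login_bursts(records).items()]
    alerts += [f"sign-in from untrusted IP: {u} from {ip}" for u, ip in untrusted_logins(records)]
    alerts += [f"mail forwarding rule: {u} -> {dest}" for u, dest in forwarding_rules(records)]
    return alerts


if __name__ == "__main__":
    for alert in run_alerts(SAMPLE_LOG):
        print(alert)
```

Two of carol's failures hours apart do not trigger the burst rule, while bob's five inside ninety seconds do; the window, not a raw count, is what separates a mistyped password from a guessing attempt. The forwarding rule is worth keeping even when a mailbox-level forwarding block is in place, because a rule created by a compromised account is often the first durable sign of that compromise.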
Ensure that all data is encrypted in transit and at rest
Ensure that all data in Office 365 is encrypted both in transit and at rest. Encryption provides an additional layer of protection for sensitive data by rendering it unreadable without the appropriate encryption keys. By ensuring data encryption, we can mitigate the risk of unauthorized access and comply with privacy regulations. How can we verify and enforce data encryption in Office 365? Are there any specific encryption standards or protocols that should be followed? Are there any recommended resources or tools for implementing data encryption?
1. Transport Layer Security (TLS) for data in transit
2. BitLocker drive encryption for data at rest
3. Azure Information Protection for document-level encryption
4. Encryption of email communications
5. Database encryption
Approval: Encryption Policies
Will be submitted for approval:
Ensure that all data is encrypted in transit and at rest
Check that all users have proper licenses for the services they are using
Check that all users in Office 365 have the proper licenses for the services they are using. Proper licensing ensures compliance with the terms and conditions set by Microsoft and helps prevent unauthorized access to services. By regularly checking and managing licenses, we can ensure that users have access to the appropriate services and prevent any compliance issues. How can we check and manage user licenses effectively? What are the potential consequences of using unlicensed services? Are there any recommended tools or resources for managing user licenses?
1. Access the Microsoft 365 admin center
2. Review and verify user licenses
3. Identify any users with incorrect or missing licenses
4. Assign or update licenses as necessary
5. Regularly review and update user licenses
Confirm that the Secure Score is being monitored and improved
Confirm that the Secure Score in Office 365 is being monitored and improved. The Secure Score provides a quantitative measure of the organization's security posture and identifies potential areas for improvement. By monitoring and improving the Secure Score, we can enhance the overall security resilience and reduce the risk of security incidents. How can we access and interpret the Secure Score? What actions can be taken to improve the Secure Score? Are there any recommended resources or tools for monitoring and improving the Secure Score?
1. Access the Microsoft Secure Score portal
2. Review the current Secure Score
3. Identify areas for improvement based on recommendations
4. Implement the recommended security measures
5. Regularly assess and track the Secure Score
Confirm that all shared content is only accessible to required users
Confirm that all shared content in Office 365 is only accessible to the required users. Controlling access to shared content helps prevent unauthorized individuals from accessing sensitive information. By ensuring proper access controls, we can maintain data confidentiality and minimize the risk of data breaches. How can we review and manage access controls for shared content? What steps can be taken to restrict access to specific users or groups? Are there any recommended resources or tools for managing access controls?
1. Identify shared content and associated access controls
2. Review and validate the access controls for each item of shared content
3. Identify any access control gaps or inconsistencies
4. Adjust access controls as necessary to ensure appropriate access
5. Regularly review and update access controls for shared content
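Steps 1 to 3 above (identify shared content, validate each grant, find the gaps) can be run mechanically over a sharing report. The following is an added example, not part of this checklist and not a SharePoint feature: it classifies constructed rows modelled on a site sharing export (the column names, the tenant domain and the rule that external access must carry an expiry date are all assumptions) and reports anonymous links, organisation-wide links, external recipients, external grants with no expiry, and expired grants that were never removed.

```python
"""Review exported sharing links for content exposed beyond the intended users.

Added example, not part of this checklist. The rows are constructed sample
data modelled on a site sharing report (assumption: columns are illustrative).
"""
import csv
import io
from datetime import date

# Constructed sample export: one row per sharing link or direct permission grant.
SHARING_REPORT = """\
item,link_type,shared_with,expires,owner
Finance/Q1-budget.xlsx,Anyone,,,alice@example.com
Finance/Q1-budget.xlsx,Specific people,bob@example.com,2024-06-30,alice@example.com
HR/salary-review.docx,Organization,,,carol@example.com
Marketing/launch-deck.pptx,Specific people,partner@vendor.example,2024-03-15,dave@example.com
Engineering/design.md,Specific people,erin@example.com,,dave@example.com
Legal/nda.pdf,Specific people,counsel@lawfirm.example,,frank@example.com
"""

INTERNAL_DOMAIN = "example.com"     # assumption: the tenant's primary domain
REVIEW_DATE = date(2024, 4, 1)       # constructed "today" for the review


def parse_report(text):
    """Read the CSV export into a list of row dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def classify(row, internal_domain=INTERNAL_DOMAIN, today=REVIEW_DATE):
    """Return issue tags for one sharing row (empty list means acceptable)."""
    issues = []
    link_type = row["link_type"]
    if link_type == "Anyone":
        issues.append("anonymous-link")       # no sign-in needed: anyone holding the URL
    elif link_type == "Organization":
        issues.append("org-wide")             # every signed-in user, not just required users
    elif link_type == "Specific people":
        recipient = row["shared_with"]
        external = bool(recipient) and not recipient.lower().endswith("@" + internal_domain)
        if external:
            issues.append("external-recipient")
            if not row["expires"]:
                issues.append("no-expiry")    # assumption: external access must be time-bound
        if row["expires"] and date.fromisoformat(row["expires"]) < today:
            issues.append("expired-still-present")   # expired grant never cleaned up
    return issues


def review(text, **kwargs):
    """Return {item: sorted issue tags} for every item with at least one issue."""
    findings = {}
    for row in parse_report(text):
        for tag in classify(row, **kwargs):
            findings.setdefault(row["item"], set()).add(tag)
    return {item: sorted(tags) for item, tags in findings.items()}


if __name__ == "__main__":
    for item, tags in review(SHARING_REPORT).items():
        print(f"{item}: {', '.join(tags)}")
```

An item can carry several grants, so findings are collected per item rather than per row; the budget spreadsheet has one perfectly reasonable grant to a colleague and one anonymous link, and it is the anonymous link that gets reported.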
Approval: Shared Content Access
Will be submitted for approval:
Confirm that all shared content is only accessible to required users
Set up mobile device management for Office 365
Set up mobile device management (MDM) for Office 365 to manage and secure mobile devices used to access company data. MDM allows IT administrators to apply security policies, enforce device encryption, and remotely wipe data from lost or stolen devices. By implementing MDM, we can enhance the security of company data accessed through mobile devices. How can we set up and configure MDM for Office 365? What security policies should be enforced? Are there any recommended resources or tools for implementing MDM?
1. Access the Microsoft 365 admin center
2. Enable and configure the mobile device management feature
3. Define and apply security policies for mobile devices
4. Enforce device encryption and passcode requirements
5. Regularly monitor and manage enrolled devices
Verify Regular Software Updates and Patches
Verify that regular software updates and patches are applied to Office 365. Software updates and patches address known security vulnerabilities and help keep the system secure against emerging threats. By ensuring regular updates and patches, we can minimize the risk of exploitation and unauthorized access. How can we verify that software updates and patches are regularly applied? How can we ensure timely deployment of updates? Are there any recommended resources or tools for managing software updates and patches?
1. Access the Office 365 Admin Center
2. Review the update and patch status
3. Schedule and deploy available updates and patches
4. Monitor and track the deployment progress
5. Regularly review and revise the update and patch deployment strategy
Approve plan for regular security training for all users
Approve a plan for regular security training for all users in Office 365. Security training educates users on best practices, common threats, and how to recognize and respond to potential security incidents. By providing regular security training, we can improve user awareness, reduce the likelihood of security incidents, and enhance overall security in the organization. What topics should be covered in the security training? How often should training sessions be conducted? Are there any recommended resources or tools for delivering security training?
1. Identify key security topics to cover in the training
2. Develop training materials or resources
3. Schedule and conduct security training sessions
4. Track and monitor user participation and completion
5. Regularly evaluate and update the security training program
Check that all users are only using secure and approved apps
Check that all users in Office 365 are only using secure and approved apps. Unauthorized or insecure apps can pose significant security risks, such as data breaches or malware infections. By enforcing the use of secure and approved apps, we can reduce the potential for security incidents and ensure compliance with organizational policies. How can we check and enforce the use of secure and approved apps? What criteria should be considered when assessing app security? Are there any recommended resources or tools for managing app usage?
1. Identify the list of approved apps
2. Review and assess the security of each approved app
3. Communicate the approved app list to users
4. Regularly monitor and audit app usage
5. Take appropriate action for non-compliant apps
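Steps 1, 2 and 4 above (an approved list, a security assessment per app, and a usage audit) come together when reviewing the OAuth applications users have consented to. The following is an added example, not part of this checklist and not a Microsoft tool: it audits constructed consent records (the record layout is an assumption) against an approved list keyed on application id rather than display name, since names are freely chosen by the app publisher, and rates each app by the Microsoft Graph permissions it holds; the set of permissions treated as high-risk is this example's own assumption, not a Microsoft classification.

```python
"""Audit OAuth app consents against an approved list and permission risk.

Added example, not part of this checklist. The consent records are constructed,
shaped like an enterprise-application export (assumption: fields illustrative).
"""

# Constructed sample: app consents present in the tenant.
CONSENTED_APPS = [
    {"app": "Contoso Expense", "app_id": "00000000-0000-0000-0000-000000000001",
     "consent": "admin", "scopes": ["User.Read", "Files.Read"]},
    {"app": "MailMerge Helper", "app_id": "00000000-0000-0000-0000-000000000002",
     "consent": "user", "scopes": ["User.Read", "Mail.ReadWrite", "Mail.Send"]},
    {"app": "Calendar Sync Pro", "app_id": "00000000-0000-0000-0000-000000000003",
     "consent": "user", "scopes": ["Calendars.Read"]},
    {"app": "Tenant Backup", "app_id": "00000000-0000-0000-0000-000000000004",
     "consent": "admin", "scopes": ["Directory.ReadWrite.All", "Files.ReadWrite.All"]},
]

# Assumption: the organisation's approved list, keyed by app id (display names can be copied).
APPROVED_APP_IDS = {
    "00000000-0000-0000-0000-000000000001",
    "00000000-0000-0000-0000-000000000004",
}

# Assumption: scopes treated as high-risk because they read or change mail, files
# or the directory beyond the signed-in user's own profile.
HIGH_RISK_SCOPES = {"Mail.Read", "Mail.ReadWrite", "Mail.Send", "Files.ReadWrite.All",
                    "Directory.ReadWrite.All", "Directory.AccessAsUser.All"}


def risk_level(scopes, high_risk=HIGH_RISK_SCOPES):
    """'high' if any granted scope is in the high-risk set, otherwise 'low'."""
    return "high" if set(scopes) & high_risk else "low"


def audit_apps(apps, approved=APPROVED_APP_IDS, high_risk=HIGH_RISK_SCOPES):
    """Return (app name, verdict, reasons) for every consent record.

    allow:  on the approved list (high-risk scopes are still listed for the record)
    review: not approved, but only low-risk scopes
    revoke: not approved and holding high-risk scopes
    """
    results = []
    for app in apps:
        risky = sorted(set(app["scopes"]) & high_risk)
        reasons = [f"{app['consent']}-consented"]
        if risky:
            reasons.append("high-risk scopes: " + ", ".join(risky))
        if app["app_id"] in approved:
            verdict = "allow"
        else:
            reasons.append("not on approved list")
            verdict = "revoke" if risky else "review"
        results.append((app["app"], verdict, reasons))
    return results


def summary(results):
    """Count verdicts, e.g. {'allow': 2, 'review': 1, 'revoke': 1}."""
    counts = {}
    for _, verdict, _ in results:
        counts[verdict] = counts.get(verdict, 0) + 1
    return counts


if __name__ == "__main__":
    results = audit_apps(CONSENTED_APPS)
    for name, verdict, reasons in results:
        print(f"{verdict:6} {name}: {'; '.join(reasons)}")
    print(summary(results))
```

The consent type is recorded alongside the verdict because a user-consented app holding mail permissions is the case that an approved-list process most often misses: no administrator was ever asked, so the app never went through the assessment in step 2.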
Approval: Security Training Plan
Will be submitted for approval:
Approve plan for regular security training for all users