Banks and credit unions today face an ever-increasing number of cloud security hazards. Here’s the good news: Financial institutions that use Microsoft Active Directory (Azure AD) and Microsoft 365 can lower their risk by modifying their security settings for these services. Not only can this help the financial institution minimize threats, but it can allow them to customize the features of Azure AD and Microsoft 365 (previously called Office 365) to their specific preferences and requirements.
Organizations are responsible for managing Azure AD and its security settings because when they purchased M365 licenses, they established a Microsoft tenant with Azure AD. From a compliance perspective, adjusting Azure AD’s settings is crucial since Microsoft automatically enables certain features that may violate or conflict with compliance policies for organizations in regulated industries.
Optimizing /M365 and Exchange Online Settings
Depending on your institution’s licenses, there is a wide range of security and compliance settings you can customize in Azure AD, M365, and Exchange Online such as:
- OneDrive and SharePoint Sharing: Review the default level of sharing to control the flow of data based on what is appropriate for your institution.
- Teams and External Collaboration: Review the platform’s default security and compliance settings, and if they are not sufficient, you can block all external domains to keep users from communicating externally.
- Exchange Online: Control access, how emails are transmitted, the types of messages users can send to recipients in external domains, and the devices or apps that can connect.
- Protection Center: Use the Basic Mobility and Security feature to manage and secure the mobile devices that are connected to your Microsoft 365 organization.
- Security Center: Optimize email management by employing anti-spam policies for inbound emails, blocking automatic forwarding of outbound emails, using phishing simulations, quarantining potentially harmful messages, and blocking messages from fake senders.
- Compliance Center: Implement a retention policy to manage the data by proactively choosing how to retain or delete content.
- M365 Admin Center: Use modern authentication in Exchange Online to enhance your institution’s security with features like conditional access and multifactor authentication. (Microsoft strongly recommends turning off basic authentication for your organization.)
More Ways to Boost Security
You can further enhance cloud security by modifying the settings related to Azure AD Premium P1, Intune, and Azure Information Protection (AIP) licenses. With Azure AD Premium P1, for instance, you can include your institution’s logo, color scheme, and other branding elements on your Azure AD sign-in pages. You can also employ the hybrid Azure AD joined devices, conditional access policies, and password protection features. Microsoft Intune integration lets you configure policies to control how your institution’s devices and applications are used, including smartphones, tablets, and laptops. And AIP allows you to use deep content analysis to minimize data loss and enhance the labeling capabilities of Microsoft 365 to protect documents and emails.
M365 Security Basics Can Help
There are countless security settings that can be adjusted in Azure AD and /M365, and Microsoft is always introducing new features. This can make it difficult for institutions to ensure they have the most appropriate security, identity, and compliance settings—but our CloudInsight™ M365 Security Basics solution can make the process easier. M365 Security Basics is a collection of services designed to give community banks and credit unions a cost-effective way to manage their M365 settings. It offers reporting, the delivery of Microsoft data in a user-friendly format; alerting, notifications of the most common indicators of compromise; and quarterly reviews, expert analysis of M365 Security Basics reports, and explanations of the risk visible on the report and ways those risks may be mitigated.
To learn more about how to customize your institution’s Azure AD and M365 settings to bolster cloud security, access our “Microsoft Azure and M365 Security Basics” white paper.