SecureIT 365 Security Pack Standard

The Microsoft 365 Business Basic and Std SKUs are extremely popular due to their lower price tags. While they lack the serious Security features available in Microsoft 365 Business Premium and EMS E3, they do pack a few Security related features that the Customers SHOULD use. 

Here is the Scope of the same:

  • Basic Mobility and Security

    • Enroll the mobile device

    • Wipe a Device in case its lost

    • Block unsupported devices from accessing Corporate Email

    • Setup Password Policy

    • View list of blocked devices

    • Unblock non-compliant or unsupported device for a user or group of users

    • Remove users so their devices are no longer managed by Basic Mobility and Security

  • Alert Policies

    • You can create various alert policies and then view alerts that match the conditions of the alert policies. These cover activities such as assigning admin access in Exchange Online, malware attacks, phishing attacks, and unusual volume of file deletions and external sharing

  • Identity and Access

    • Basic Multi Factor Authentication

    • SPF, DKIM, DMARC Records

  • Email DLP Standard

    • Restrict certain users to send emails only to Company users.  

    • Auto Forward messages to a sender’s manager for approval 

    • Block messages with executable attachments  

    • Setup Spam Confidence levels for Incoming Emails 

    • Organization wide message disclaimers, signatures, footers  

    • Forward message that contains sensitive information 

    • Forward messages that match one of the several criteria 

    • Setting up policy tips if there is policy violation

    • Supervisor Mailbox.  All messages can be copied to this account or just those sent internally or externally. This feature is very useful in preventing data leakage via email. 

    • Prevent download of attachment in Browser. View only  

    • Block browser access for email. Access only on Outlook app. 

    • Monitor Email forwarding 

    • Archive mailbox – Users can use the archive mailbox, also called a personal archive, to store historical messaging data by moving or copying messages from their primary mailbox to their archive mailbox. 

    • Retention Policies–Retention policies use retention tags to apply retention settings to e-mail messages and folders. Retention tags define an age limit that specifies how long items are retained, and a retention action that specifies what happens to items that reach the retention age limit. 

    • Sensitivity Labels. We can manually create the labels and apply to Documents which will help us to prevent Data Loss. 

  • SharePoint DLP

    • Setup basic MFA

    • Restrict user from deleting file

    • Restrict user from uploading file

    • Restrict user from creating new files & Folder

    • Restrict user from downloading file.

    • Permission can be assigned/restricted to the users and groups to create, upload and delete files and folders in SharePoint. (If only read permission is assigned to any user, edit and download will be restricted).

    • Share files internally or externally with specific permissions.

    • Hide specific file and folder from any user.

    • Audit Logs. 

    • Declare Record – (block edit and delete). 

    • Hide sync button so that Document folders cannot be synced offline.

    • Restrict external Sharing.

    • Allow or block Domain level sharing.

    • Restrict access from different location besides office.

    • Alert Policy – modified, delete, and download. Email Notification occurs whenever any of the specified alert policy is matched.

    • Assign different permission (Read, Write And Full control) while sharing file to different users? If No, then how do you handle it?

  • OneDrive DLP

    • Do you have a system by which you assign different permission (Read, Write And Full control) while sharing file to different users? If no, then how do you handle it?

    • If you Shared sensitive Documents and folder with another person and want to prevent from downloading and editing. How do you do?

    • Can you have a system by which you allow or block Domain level sharing?

    • If there are certain document that you want, they can’t be access outside the organization. How do you do?

    • Sharing File With specific permission

    • Disable Sync Button

    • Restrict user from deleting file

    • Restrict user from uploading file

    • Restrict user from downloading file

    • Share file with Expiry date

    • Allow access only from specific IP locations

    • Block / Allow domain Sharing

    • Hide Specific File & Folder from any Use

    • Document Retention Policy Alert for Document Creation, Deletion, Shared, Site Admin Activity etc.

  • Teams DLP

  1. Setup basic Multi Factor Authentication

  2. External User Restriction: Block external users completely or only selected domains or allow only selected domains. Users in R and D may need strict control. But Sales and Marketing teams may need less controls.

  3. Manage Meeting Policies: You can set various policies to ensure that Teams meeting comply with the Company rules and compliances.

  4. Decide who can edit or delete Chat messages

  5. Disallow Screen share and Private calls

  6. Shared device sign-out: Many Firstline Workers use a single tablet or mobile device that is shared between shifts. This can pose unique security challenges to the organization when different employees who have access to different types of data use the same device over the course of a day. With shared device sign-out, Firstline Workers will be able to log out of all their Microsoft 365 and custom applications and browser sessions with one click at the end of their shift—preventing their data as well as any access to customer data from being accessible to the next user of that device.

  7. Off-shift access controls for Teams app: IT administrators can now configure Teams to limit employee access to the app on their personal device outside of working hours. This feature helps ensure employees are not involuntarily working while not on shift and helps employers to comply with labor regulations.

  8. Chat retention policies (data preservation and deletion): By Default, Content is retained forever.  But this can be changed with policies; 1 day delete; one month delete; one year delete; 7 years delete.

  9. Information barriers created using power shells will prevent some groups to communicate from each other.

So do connect with us and give your Productivity a Boost with the help of Consultants from TechGyan.

+91-9619197232

+91-7045263107

sales@techgyan.com

Our Solutions

Leave a Reply

Close Menu
Share with Confidence | TechGyan - Cloud Changes Everything