SECURITY BASELINES & CONFIGURATION HARDENING

At UserCompute, we prioritise a proactive approach to security by implementing Microsoft’s security baseline templates. These pre-configured policy sets are designed to align with industry best practices and Microsoft’s security recommendations.

Applying Microsoft’s Security Baseline Templates

By applying these templates, organisations can establish a strong security foundation across their Microsoft 365 environments.

Key Benefits:

• Standardisation: Ensures consistent security settings across all devices and applications.

• Efficiency: Reduces the time and effort required to configure individual security settings.

• Compliance: Helps meet regulatory and organisational security requirements.

To apply a security baseline template, navigate to the Microsoft 365 Defender portal, select Security Baselines, and choose the appropriate baseline for your environment. Follow the guided steps to deploy the baseline settings across your organisation.

Hardening Exchange Online Settings

Exchange Online is a critical component of Microsoft 365, and securing it is paramount. UserCompute recommends the following hardening measures to protect your organisation’s email infrastructure:

• Mailbox Auditing: Enable mailbox auditing to track actions performed by users and administrators. This helps in identifying unauthorised access or suspicious activities. Microsoft provides detailed guidance on configuring mailbox auditing in Exchange Online.

• Encryption: Ensure that email messages are encrypted both in transit and at rest. Utilise Transport Layer Security (TLS) for emails in transit and Information Rights Management (IRM) for messages at rest.

• Anti-Malware Policies: Configure anti-malware policies to scan incoming and outgoing emails for malicious attachments. Customise these policies to suit your organisation’s specific needs. For more information on configuring anti-malware policies, refer to Microsoft’s documentation.

• Access Controls: Implement strict access controls by disabling legacy authentication protocols and enforcing Multi-Factor Authentication (MFA) for all users.

By implementing these hardening measures, organisations can significantly reduce the risk of email-based threats and ensure the integrity of their communication channels.

Advanced Threat Protection (ATP) & Safe Links/Safe Attachments

UserCompute leverages Microsoft’s Advanced Threat Protection (ATP) features to provide an additional layer of security against sophisticated threats:

• Safe Links: Scans URLs in emails and Office documents to identify and block malicious links. This feature provides real-time protection against phishing attacks. For more details on Safe Links, visit Microsoft’s official documentation.

• Safe Attachments: Analyse email attachments in a virtual environment before they reach the recipient. This process, known as detonation, helps identify and block harmful attachments such as malware or ransomware.

By integrating ATP features like Safe Links and Safe Attachments, organisations can enhance their defences against evolving cyber threats and ensure a secure email environment.

By implementing Microsoft’s security baseline templates, hardening Exchange Online settings, and utilising Advanced Threat Protection features, UserCompute helps organisations build a secure and resilient Microsoft 365 environment. If you need assistance with any of these configurations or have questions about securing your tenant, feel free to reach out to our support team.