Infographic text included for screen readers:
Your organization is moving to Office 365. Now what?
Office 356 Security Checklist:
As you prepare for your Office 365 implementation, this checklist will serve as a guide to assist you through the multiple dimensions of an Office 365 migration and the selection of your solution for securing it.
Contextual visibility
- Continuously scan Office 365 content, emails, and transactions to remediate and prevent the proliferation of ransomware, Advanced Persistent Threats (APTs), and other malware.
- Strive to achieve a single console for visibility and policy controls, including access governance, data security, threat protection, account hijacking, and compliance reporting across Software as a Service (SaaS) apps and infrastructure services. These services might include file sharing data storage, email, messaging, collaboration, and other business enablement services.
- Activate advanced threat analytics, inclusive of Indicators of Compromise (IoC), for efficient discovery and remediation.
Alerts
- Create passive mode alerting to test existing policies to reduce triggering false positives that could introduce friction to employees.
- Categorize alerts based on severity (low, moderate, high) in an effort to begin to see where automation opportunities may exist.
- Report and communicate anomalies across all applications, data sources, and clouds to internal teams and executive champions.
Policies
- Create access controls and authentication methods that protect the front doors into business systems, inclusive of policies that trigger additional means of authentication based on behavior.
- Enforce usage controls and authorization policies based on location, device type, user group, and user behavioral risk level. Ideally, create a single policy that encompasses email, file sharing, collaboration, Office 365, and other cloud apps.
- Reduce operational complexity in a multi-cloud world with consistent policy controls and directory integration.
Protection
- Embrace Data Loss Prevention (DLP) in the cloud that automatically classifies and tracks structured, unstructured, and interactive content in OneDrive, Email, SharePoint Sites, Teams and Groups, and Yammer.
- Implement one solution to protect all cloud services while triggering encryption of sensitive data.
- Test for detection efficacy and false positive rates.
Detection
- Continuously analyze external and internal email content, activity in apps, transactions with apps, content-in-motion and content-at-rest in Office 365 to detect, block, or quarantine threats.
- Utilize machine learning, email threat isolation, impersonation controls, link protection, cloud sandboxing, user behavior analytics, and threat analytics.
- Be prepared for sophisticated attacks that cannot be stopped or detected with single point security tools.
Automation
- Create security and access controls over data-in-motion and data-at-rest end-to-end from the user to the cloud for your office 365 and other SaaS and Infrastructure as a Service (IaaS) accounts.
- Automatically identify high risk user accounts, compromised accounts, and insider threats with data science-driven user behavior analytics and adaptive authentication that forces policies based on user behavior.
- Leverage Artificial Intelligence (AI) built into the cloud that provides visibility into external and internal vulnerabilities and helps to remediate issues without manual intervention.
All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of The Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages, and if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at 508.482.0188.
Created exclusively for Symantec by The Enterprise Strategy Group, Inc. 2018