Crowdsourcing: What tips or actions would you advise an M365 administrator to follow to better secure M365 and prevent a breach?
Currently this is my list:
1) Turn on multifactor authentication.
   1) SMS/Text is good enough.
   2) Basic Microsoft Authenticator is better.
   3) Physical token (e.g., Yubikey) is best.
2) Make use of Conditional Access Policies.
   1) Block logins from foreign countries and other geographies.
   2) Prompt MFA on riskier logins.
3) Regularly review the audit log.
4) Alert on new mailbox rules.
5) Configure an “External Warning” at the top of all emails that do not originate from your organization.
6) Ongoing end user training on the warning signs of an attack:
   1) Unrequested MFA prompts.
   2) Large amounts of SPAM emails.
   3) Not receiving expected emails.
#m365 #breachprevention #advice #tips #crowdsource #community
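
Items 3 and 4 of the list (reviewing the audit log and alerting on new mailbox rules), as an added example that is not part of the original post: a Python check that scans exported audit records for inbox-rule changes and raises severity when a rule forwards mail outside the organization or hides it from the owner. The record shape (JSON lines with `Operation`, `UserId`, `ClientIP`, `CreationTime` and a `Parameters` list of `Name`/`Value` pairs) is an assumption to confirm against your tenant's own export; the domain `contoso.example` and all sample records are constructed.

```python
import json

# Audit operations that create or change an inbox rule.
RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule"}
# Rule parameters that send mail elsewhere or hide it from the mailbox owner.
FORWARD_PARAMS = {"ForwardTo", "ForwardAsAttachmentTo", "RedirectTo"}
HIDE_PARAMS = {"DeleteMessage", "MoveToFolder", "MarkAsRead"}

# Constructed sample records (assumed export shape, one JSON object per line).
SAMPLE_LOG = """\
{"CreationTime":"2024-01-15T09:12:44","Operation":"New-InboxRule","UserId":"alice@contoso.example","ClientIP":"203.0.113.50","Parameters":[{"Name":"Name","Value":".."},{"Name":"ForwardTo","Value":"drop@mailbox.example"},{"Name":"DeleteMessage","Value":"True"}]}
{"CreationTime":"2024-01-15T10:03:10","Operation":"New-InboxRule","UserId":"bob@contoso.example","ClientIP":"198.51.100.7","Parameters":[{"Name":"Name","Value":"Newsletters"},{"Name":"SubjectContainsWords","Value":"newsletter"}]}
{"CreationTime":"2024-01-15T10:05:00","Operation":"MailItemsAccessed","UserId":"bob@contoso.example","ClientIP":"198.51.100.7"}
"""

def review_rule_event(record, internal_domains):
    """Return an alert for an inbox-rule record, or None for other operations."""
    if record.get("Operation") not in RULE_OPERATIONS:
        return None
    params = {p["Name"]: str(p.get("Value", "")) for p in record.get("Parameters", [])}
    reasons = []
    for name in sorted(FORWARD_PARAMS & set(params)):
        for addr in filter(None, (a.strip() for a in params[name].split(";"))):
            if addr.rsplit("@", 1)[-1].lower() not in internal_domains:
                reasons.append(f"{name} targets an address outside the organization: {addr}")
    for name in sorted(HIDE_PARAMS & set(params)):
        if params[name].lower() != "false":
            reasons.append(f"{name} hides mail from the mailbox owner")
    # Every new or changed rule is reported; forwarding or hiding raises severity.
    return {"time": record.get("CreationTime"), "user": record.get("UserId"),
            "ip": record.get("ClientIP"), "rule": params.get("Name", ""),
            "severity": "high" if reasons else "info", "reasons": reasons}

def scan(log_text, internal_domains):
    """Parse JSON-lines audit records and return the inbox-rule alerts."""
    alerts = []
    for line in log_text.splitlines():
        if line.strip():
            alert = review_rule_event(json.loads(line), internal_domains)
            if alert:
                alerts.append(alert)
    return alerts

if __name__ == "__main__":
    for a in scan(SAMPLE_LOG, {"contoso.example"}):
        print(a["severity"], a["time"], a["user"], a["ip"], a["rule"], a["reasons"])
```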