Microsoft 365 Security and Compliance for Administrators

Product type: Book
Published: Mar 2024
Publisher: Packt
ISBN-13: 9781837638376
Pages: 432
Edition: 1st Edition
Authors (2): Sasha Kranjac, Omar Kudović

Table of Contents (17 chapters)

Preface
1. Part 1: Introduction to Microsoft 365
2. Chapter 1: Getting Started with Microsoft 365 Security and Compliance
3. Chapter 2: The Role of Microsoft Entra ID in Microsoft 365 Security
4. Part 2: Microsoft 365 Security
5. Chapter 3: Microsoft Defender for Office 365
6. Chapter 4: Microsoft Defender for Endpoint
7. Chapter 5: Getting Started with Microsoft Purview
8. Chapter 6: Microsoft Defender for Cloud Apps
9. Chapter 7: Microsoft Defender Vulnerability Management
10. Chapter 8: Microsoft Defender for Identity
11. Part 3: Microsoft 365 Governance and Compliance
12. Chapter 9: Microsoft Purview Insider Risk Management
13. Chapter 10: Microsoft Purview Information Protection
14. Chapter 11: Understanding the Lifecycle of Auditing and Records
15. Index
16. Other Books You May Enjoy

Microsoft Defender for Office 365

Especially since the COVID-19 pandemic, companies have increasingly shifted their focus to protecting their systems, information, and data. This matters because working from home raises many questions for companies, and planning protection and secure access to information from different remote locations is a big challenge.

Working from home can pose a risk to secure access to information, and it is important to point out that many employees do not have proper protection at home in terms of network security. All devices used to access information and send and receive emails are significant targets of attacks aiming to get hold of information. One of the biggest challenges that companies face is implementing sufficient protection for sending/receiving emails. In addition to protection against viruses, malware, and phishing, the training and proper education of employees is a...

Technical requirements

To access Microsoft Defender for Office 365, you need to have one of the previously mentioned licenses and administrator rights. It is enough to have Global Administrator rights to do any of the required configurations for the service. However, if you need to allocate access rights and activity permissions for the Microsoft Defender for Office 365 portal, then it is necessary to create a security group in Microsoft Entra ID and assign the following necessary administrator roles:

  • Security Administrator
  • Security Operator
  • Security Reader
  • Global Reader

Important note

Users with the specified administrator roles are also entitled to other Microsoft 365 Defender services, such as Microsoft Defender for Endpoint or Microsoft Defender for Cloud Apps.

Getting started with Microsoft Defender for Office 365

Not so long ago, an organization planning to set up an on-premises Exchange Server instance had to plan for both a proxy server and additional protections to filter mail traffic properly. What has not changed with the transition to Exchange Online is that you still need properly configured DNS records to authenticate your mail system. The following are the records that you still need to configure for Exchange Online at the tenant level:

  • MX records
  • SPF records
  • DKIM records
  • DMARC records
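
As an added illustration (not code from the book), the following audits these four record types for the weak settings an administrator would look for. The record values are constructed for a hypothetical domain; the Exchange Online host names and the `selector1`/`selector2` DKIM selectors are assumptions based on Microsoft's standard setup rather than on this chapter, and mail is assumed to flow directly to Exchange Online.

```python
# Constructed DNS answers for a hypothetical domain; nothing is looked up.
RECORDS = {
    "MX": ["example-com.mail.protection.outlook.com."],
    "SPF": "v=spf1 include:spf.protection.outlook.com ~all",
    "DKIM": {"selector1": "selector1-example-com._domainkey.example.onmicrosoft.com."},
    "DMARC": "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com",
}

# Assumptions: mail flows directly to Exchange Online under these host names.
EXO_MX_SUFFIX = ".mail.protection.outlook.com"
EXO_SPF_INCLUDE = "include:spf.protection.outlook.com"

def check_mx(hosts):
    ok = any(h.rstrip(".").lower().endswith(EXO_MX_SUFFIX) for h in hosts)
    return [] if ok else ["MX: no host under mail.protection.outlook.com"]

def check_spf(txt):
    terms = txt.lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["SPF: record missing or not v=spf1"]
    out = []
    if EXO_SPF_INCLUDE not in terms:
        out.append("SPF: Exchange Online include is absent")
    # The 'all' mechanism decides what happens to senders nothing else matched.
    final = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not final:
        out.append("SPF: no 'all' mechanism, unlisted senders get a neutral result")
    elif final[0] != "-all":
        out.append(f"SPF: '{final[0]}' does not hard-fail unlisted senders")
    return out

def check_dkim(cnames):
    # Assumption: the tenant uses the two default selectors.
    return [f"DKIM: {s}._domainkey CNAME not published"
            for s in ("selector1", "selector2") if not cnames.get(s)]

def check_dmarc(txt):
    tags = dict(p.strip().split("=", 1) for p in txt.split(";") if "=" in p)
    if tags.get("v") != "DMARC1":
        return ["DMARC: record missing or not v=DMARC1"]
    policy = tags.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        return [f"DMARC: p={policy or '<missing>'} takes no action on failing mail"]
    return []

def audit(records):
    """Return findings in the order MX, SPF, DKIM, DMARC; empty list means clean."""
    return (check_mx(records.get("MX", [])) + check_spf(records.get("SPF", ""))
            + check_dkim(records.get("DKIM", {})) + check_dmarc(records.get("DMARC", "")))
```

Calling `audit(RECORDS)` on the constructed sample flags the soft-fail SPF qualifier, the missing second DKIM selector, and the monitoring-only DMARC policy.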

Depending on which type of Microsoft Defender for Office 365 plan you have (Plan 1 or Plan 2), there are different options for configuring policies and rules.

Plan 1 has a lot of different options, which can be useful when setting up protection for your mail traffic. The basic settings of Exchange Online Protection, in most cases, are not sufficient to satisfy all requirements...

Protecting assets with Microsoft Defender for Office 365

In today’s fast-paced and interconnected world, keeping your sensitive information and digital treasures safe has become absolutely vital for organizations of all shapes and sizes. With remote work exploding in popularity and cyber threats becoming more and more sophisticated, making sure your organization’s data and communications are secure has never been more critical. And in this ever-evolving landscape of digital dangers, Microsoft Defender for Office 365 steps up as a real superhero in the world of modern cybersecurity.

Think of Microsoft Defender for Office 365 as your trusty shield, specially designed to safeguard your organization’s prized possessions within the Microsoft 365 universe. It’s like having a high-tech security squad at your disposal, complete with cutting-edge threat-spotting skills, intelligent algorithms, and powerful protective features. This formidable defender stands tall...

Responding to alerts and mitigating threats

Threat Explorer is a feature in Microsoft Defender for Office 365 that provides an interactive interface to search and analyze threat intelligence data. It allows security administrators to quickly identify and investigate security threats, view threat information and trends, and take action to mitigate potential threats. Threat Explorer also provides insights into attacker behavior and helps to identify patterns and correlations in security events. This information can be used to fine-tune security policies, improve incident response procedures, and proactively detect and prevent future attacks. The following screenshot shows options and information available in the Threat Explorer portal. It is very useful for a daily or weekly overview of what is happening in your tenant:

Figure 3.31 – The Threat Explorer portal

Also, keep in mind that it is important to check your own Secure Score from time to time...

Summary

Microsoft Defender for Office 365 is a comprehensive security solution designed to protect against threats to an organization’s Office 365 environment. It provides a multi-layered defense using a combination of machine learning, behavior analysis, and threat intelligence to detect and prevent attacks. This solution protects against a wide range of security threats such as phishing, malware, and ransomware attacks.

Microsoft Defender for Office 365 also includes threat protection for email, files, and links. It uses advanced filters and algorithms to identify suspicious content and can automatically take action to block or quarantine malicious messages, attachments, and links. The solution integrates with other Microsoft security products, such as Microsoft Entra ID, for a comprehensive defense across an organization’s entire environment. In addition to protection against security threats, Microsoft Defender for Office 365 provides advanced reporting and management...
