Return to Website

This forum is only for the technical matters. Please use contact in the main site for other topics including business inquiry.Any post other than technical topics may be removed by webmaster without permission. We hope your kind understanding about the the operation policy of the forum.

General Forum
Start a New Topic 
Author
Comment
GCC Security Checklist: 10 Actions to Implement Immidiately

The single most impactful action an administrator can take is to secure their tenant.

2. Enable unified audit logging in the Security and Compliance Center
While available to all tenants, it is not enabled by default. Enabling unified auditing allows admins to determine the impact of any breach attempts easily and quickly.Though the Office 365 GCC High Pricing is a concern for some, it is one of the securest platforms available in the market.

3. Enable mailbox auditing for each user.
In Microsoft Government Cloud, Mailbox activity can often be an early indication of an intrusion, as the attacker looks to spread their access within the system or to other targets.

4. Ensure Azure AD password sync is planned for and configured correctly prior to migrating users.
By maintaining a single password for a single username, the risk of human error and the available number of attack opportunities are reduced.

5. Disable legacy email protocols, if not required, or limit their use to specific users.
Legacy protocols are used for many services due to their simplicity and ubiquity. However, they are legacy because better, more secure protocols have replaced them. Disabling them greatly improves your security stance.

6. Protect Global Admins from compromise and use the principle of “Least Privilege.”
Global Administrators should not be using an account with elevated privileges for their day-to-day work. Create a separate account with GA privileges for administrative use, while all other “business” is conducted on an account with regular user-level permissions. GA privileged accounts should not be used for sending/receiving emails.
Use Application Profiles (token, not service account) – the app profile creates a token to authenticate into the tenant. After the GA has authorized the application, its credentials are not used to authenticate the application.

7. Enable Alerting capabilities.
Automation allows attackers to act faster than humans can react. Automated monitoring and alerting will notice attacks before you will.

8. Integrate with organizational SIEM solutions.
SIEM solutions aggregate and surface critical information to ensure threats or attacks are not “lost in the noise’” or other warnings are overlooked.

9. End-user security awareness and compliance training
No matter how good your security policies, plans, and controls, a user that doesn’t practice good security can undo all your hard work and allow a breach. Security awareness and compliance training is critical to keeping your tenant secure.

10. Over-permission end-users
End-users with higher than necessary permissions can create an opening into your tenant if their account is compromised.

To learn more about GoDaddy Office 365 visit O365CloudExperts.