Just-Tech Blog

CERT Issues Microsoft Office 365 Security Recommendations

Written by Donald G. Carder | May 1, 2020 3:45:00 PM

With the sudden surge in demand for remote work capabilities, and lot of firms have found themselves under pressure to roll out solutions under shortened time frames, often without necessary best practice planning, execution, and testing. As a result, some systems may go into place that have inherent security flaws that could lead to dire consequences down the road.

With this in mind, The U.S. Computer Emergency Readiness Team (CISA/CERT) has issued an advisory bulletin detailing how I.T. and Network Administrators can address one such project: the implementation and r0llout of Microsoft’s Office 365 cloud-based productivity and collaboration suite.

The key points:

  • Enable multi-factor authentication for administrator accounts.
  • Assign Administrator roles using Role-based Access Control (RBAC).
  • Enable Unified Audit Log (UAL).
  • Enable multi-factor authentication for all users.
  • Disable legacy protocol authentication when appropriate.
  • Enable alerts for suspicious activity.
  • Incorporate Microsoft Secure Score.
  • Integrate Logs with your existing SIEM tool.

Additional details can be found within the full alert, along with links detailing some of the methodologies and best-practices to observe. The full text of the alert can be found here:

Alert (AA20-120A): Microsoft Office 365 Security Recommendations

Network administrators should note that CERT has a mailing list for alerts and advisories such as the above. You can subscribe to the list – which is low volume – via this link.