Tag Archives: encryption

Office 365: Security Best Practices

Microsoft Office 365 has become a common necessity for business and enterprises alike. As data loss and security breaches continue to grow, it is essential to use best practice to assure Office 365 security.

Multi-Factor Authentication

Multi-factor authentication (MFA) is a security system that has become increasingly essential in Office 365 security. MFA requires more than one method of authentication to verify employee identity and credentials.

Managed from the Office 365 admin center, enabling multi-factor authentication prior to deploying Office 365 to the end user is the most successful way of setting it up. Microsoft permits MFA in three separate ways depending on business preference:

  • Mobile app as a second authentication factor.
  • Text message as a second authentication factor.
  • Phone call as a second authentication factor.

Mobile Device Management

Companies may have a “bring your own device” policy, and some may have regulations against employees bring their own devices. Regardless, employees are capable of accessing Office 365 data with phones and tablets.

Education is key to make certain of mobile device management (MDM) security, i.e., employees not accessing files with sensitive information. Nevertheless, there are always circumstances that cannot be accounted for.

Fortunately, Office 365 has built in mobile device management that is available for both Office 365 for Business and Office 365 Enterprise.  If employees use company-owned devices, admins are able to manage and revoke access to important data when needed. Mobile device management for Office 365 is a proper way of enhancing business security.

Data Encryption

Another best practice for file protection in Office 365 is to safeguard with data encryption. To assure the security of information, admins must implement security protocols regarding data that is stored with Office 365. This is exceptionally important for companies who acquire and store sensitive information such as social security, banking information, and health records.

Office 365 offers multiple encryption capabilities to prevent from business content being read by unauthorized users. By default, encryption at the computer level on Windows OS is by Bitlocker. Files being shared on OneDrive for Business and Sharepoint online are encrypted by TLS connections.

Office 365 is a vital tool for business and enterprises alike, there is an enormous importance to secure information. As a Microsoft Gold Partner, CompuOne is well-versed in securing Office 365 subscriptions. To learn more about security best practice for Office 365, please contact us.

What is encryption?

Imagine sending an important file to a client without a safeguard protecting the information in the file. The likelihood of an unauthorized user accessing that data is much higher without encryption.

To understand what encryption is, you must also understand what plaintext and ciphertext is. Plaintext is data that is readable, plaintext is encrypted by creating an encoded version that is only readable with a decryption key, once plaintext is encrypted it becomes ciphertext. Encryption is used to safely transmit data across networks, it is created with a mathematical procedure otherwise known as cryptography.

There are two types of algorithms that are used to encrypt data today: symmetric and asymmetric.

Symmetric

Symmetric cryptography uses the same secret key to both encrypt plaintext and the decrypt of ciphertext, since it uses the same key that’s how the term symmetric was coined. The key can be a series of letters, a word, or numbers.

There are two types of symmetric-key encryption: stream ciphers or block ciphers.

  • Stream ciphers encrypt digits or letters of a message at once.
  • Block ciphers are a number of bits that are encrypted as a single unit.

Common symmetric-key algorithms include: Blowfish, Data Standard Encryption (DES), and Advanced Encryption Standard (AES).

Asymmetric

Asymmetric encryption is also known as public key cryptography. Simply put, it uses two different keys to transfer data safely. One key is public and is used to encrypt plaintext, the public key is allowed to be openly distributed without compromising data. The second key is private and used to decrypt the data, the private key can only be used by the receiver.

Since asymmetric encryption is very complex, it is usually only used for small amounts of data. There are two types of asymmetric-key encryption: public key encryption and digital signatures:

  • Public key encryption is where a message is encrypted with the recipient’s public key and cannot be decrypted without the matching private key.
  • Digital signature is a message that is signed with the senders’ private key and is verified by whomever has access to the senders’ public key.

Common asymmetric-key algorithms include: Rivest-Shamir-Adelman (RSA), Elliptic, Digital Signature Algorithm (DSA).

Hybrid Encryption

Hybrid encryption is encryption that is two or more encryption methods used together. With the speed of symmetric encryption and the security of asymmetric encryption, hybrid is considered highly secure and faster.

Data Security

IT systems today need modern encryption; it is vital for data security.  Depending on what industry your business is in, part of compliance is to ensure you have an encryption protocol in place. Encrypting data provides three elements of security:

  1. Data Integrity: Proof that the message hasn’t been alter.
  2. Authentication: Origin of the message is verified.
  3. Nonrepudiation: Sender can’t deny sending the message.

For information on data encryption, contact us today.