Tag Archives: Two Factor Authentication

Office 365: Security Best Practices

Microsoft Office 365 has become a common necessity for business and enterprises alike. As data loss and security breaches continue to grow, it is essential to use best practice to assure Office 365 security.

Multi-Factor Authentication

Multi-factor authentication (MFA) is a security system that has become increasingly essential in Office 365 security. MFA requires more than one method of authentication to verify employee identity and credentials.

Managed from the Office 365 admin center, enabling multi-factor authentication prior to deploying Office 365 to the end user is the most successful way of setting it up. Microsoft permits MFA in three separate ways depending on business preference:

  • Mobile app as a second authentication factor.
  • Text message as a second authentication factor.
  • Phone call as a second authentication factor.

Mobile Device Management

Companies may have a “bring your own device” policy, and some may have regulations against employees bring their own devices. Regardless, employees are capable of accessing Office 365 data with phones and tablets.

Education is key to make certain of mobile device management (MDM) security, i.e., employees not accessing files with sensitive information. Nevertheless, there are always circumstances that cannot be accounted for.

Fortunately, Office 365 has built in mobile device management that is available for both Office 365 for Business and Office 365 Enterprise.  If employees use company-owned devices, admins are able to manage and revoke access to important data when needed. Mobile device management for Office 365 is a proper way of enhancing business security.

Data Encryption

Another best practice for file protection in Office 365 is to safeguard with data encryption. To assure the security of information, admins must implement security protocols regarding data that is stored with Office 365. This is exceptionally important for companies who acquire and store sensitive information such as social security, banking information, and health records.

Office 365 offers multiple encryption capabilities to prevent from business content being read by unauthorized users. By default, encryption at the computer level on Windows OS is by Bitlocker. Files being shared on OneDrive for Business and Sharepoint online are encrypted by TLS connections.

Office 365 is a vital tool for business and enterprises alike, there is an enormous importance to secure information. As a Microsoft Gold Partner, CompuOne is well-versed in securing Office 365 subscriptions. To learn more about security best practice for Office 365, please contact us.

Revamp Your Business Password Management

Let’s be honest, we use passwords for everything. From computer logins to retail sites, the use of passwords is so frequent it could potentially put professionals and consumers at risk. According to TechRepublic, 19% of business professionals use poor quality passwords or shared passwords, which could make accounts easily compromised.

It is in every organizations best interest to develop a password management plan to increase security and reduce the risk of data theft. Easy passwords simply won’t do any more. The following tips should be considered for business level password management:

Frequent password changes

Organizations must impose rules on frequent password changes. Password changes should be as frequent as 30 to 180 days; passwords should also never be repeated. Best practice is to ensure passwords have letters, numbers, and special characters.

Depending on the industry, this may already be a requirement under regulation. However, for smaller businesses, this could be a potential life-saver from security breaches. On a user level, frequent password changes may prevent unwanted access to personal information such as social media pages, bank accounts, etc.

Two factor authentication

Two factor authentication is used to confirm the end-user’s identity with a two-factor process. The first step in the process is the actual password, remember all decent passwords must have letters, numbers, and special characters. The second factor is something that the users will only know the answer to; such as a specific pin, answer to a question, or an association of an image.

Why should your business use two factor authentication? Simply because depending on your industry your password may not be enough. Passwords alone can be breakable by social engineering or brute force attacks, no matter how strong your password is. Implementing a two factor authentication can give an employer ease, knowing that employees or consumers have that added password protection.

How to store passwords

As mentioned previously, one user can have too many passwords to remember. There are many password management software’s out there, so many that it’s hard to determine what is considered the safest most reliable option. If choosing to go this route, remember that security mistakes can happen and be wary about what passwords you are storing.

Our recommendation to store passwords is to write them down with pen and paper.  Place your written password sheet in an area where you will remember it for safe storage. While this may sound tedious and paper theft is a concern, consider the fact that cyber crime is only increasing and a sheet of paper cannot be hacked.


For more information, contact us.