The Top 5 Cybersecurity Policies to turn on in Microsoft 365 now
A surprising number of organisations operate under the dangerous assumption that Microsoft 365 is secure out of the box. In reality, several important security controls are disabled (or only loosely enforced) by default, while several legacy technologies are left enabled. That helps with compatibility, but from a security standpoint it is an open window, and it leaves businesses exposed to phishing, credential theft and other common types of cyber threat.
Relying on default settings isn’t just an IT oversight, it’s a governance failure leaving client data vulnerable to common, preventable threats. Fortunately, improving your cybersecurity posture doesn’t require a major overhaul, and by enabling a handful of key policies (which we’ve highlighted below), you can significantly reduce risk and boost your Microsoft Secure Score, a measurable indicator of your resilience.
We recommend that you start this journey by reviewing and optimising your Secure Score in Microsoft 365 Defender. If you’re not sure what this is, please check out one of my previous articles here (https://buchanantechnology.co.uk/insights/microsoft-secure-score-business-security) This metric isn’t just a number; it’s a roadmap to stronger security.
Our standard and initial playbook includes:
Enforcing Multi-Factor Authentication (MFA) for all users, especially administrators, requires users to present two or more verification factors (e.g. a password plus a code or approval from a mobile app) before access is granted, and protects against credential theft, password spraying and brute-force attacks. In practice this means a Conditional Access policy that requires MFA for every user and every application (Conditional Access needs an Entra ID P1 licence, which is included in Business Premium and E3/E5; tenants without it can use Security Defaults, which is all-or-nothing but still covers the basics). Prefer the Authenticator app or a FIDO2 key over SMS, and always exclude a dedicated, monitored break-glass account so that a mis-scoped policy cannot lock you out of your own tenant.
Segregating admin and user accounts (never use the same credentials for both roles) ensures administrators use dedicated accounts for privileged tasks and a separate, unprivileged account for email and day-to-day work. If the everyday account is phished, the attacker gets a standard user, not a Global Administrator, which protects against privilege escalation and accidental exposure of admin rights through routine activity. Admin accounts should be cloud-only, have no mailbox, and be the only accounts holding privileged roles.
Enabling Safe Links and Safe Attachments neutralises malicious content before users are exposed to it: Safe Attachments detonates attachments in a sandbox and blocks those that behave maliciously, and Safe Links scans URLs at delivery and again at the moment the user clicks, so a link that was weaponised after delivery is still blocked. Both are part of Microsoft Defender for Office 365 (included in Business Premium and E5), and both are off until you create a policy and a rule that scopes it to your recipients.
Disabling legacy authentication protocols, which are a favourite target for attackers, turns off basic (username-and-password) authentication for outdated clients such as POP3, IMAP4, SMTP AUTH and older Office clients that cannot perform MFA. An attacker with a stolen or guessed password can use these protocols to walk straight past MFA, which is why password-spray campaigns target them. Microsoft has already retired basic authentication for most Exchange Online protocols, but SMTP AUTH is still available, so a tenant-wide Conditional Access policy that blocks legacy client types is the backstop that closes every remaining path. Check the sign-in logs for legacy clients (scanners, multifunction printers, line-of-business apps relaying mail) before you enforce the block, or you will find out about them the hard way.
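The four playbook steps above can be applied and checked from PowerShell. The script below is an added example and is not the author's or Microsoft's own tooling; it uses the Microsoft Graph PowerShell SDK and the ExchangeOnlineManagement module. The tenant domain (contoso.com), the break-glass account name (breakglass@contoso.com) and the "BT-" policy-name prefix are assumptions for illustration. Both Conditional Access policies are created in report-only mode so that the legacy-client and admin-account reports can be reviewed before anything is enforced.

```powershell
# Added example (not from the original article). Assumes: tenant domain contoso.com,
# a break-glass account breakglass@contoso.com, and policy names prefixed "BT-".
# One-time: Install-Module Microsoft.Graph, ExchangeOnlineManagement
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess","Policy.Read.All","AuditLog.Read.All","Directory.Read.All"
Connect-ExchangeOnline

# The break-glass account is excluded from every policy so a bad policy cannot lock the tenant.
$breakGlass = (Get-MgUser -UserId "breakglass@contoso.com").Id

# --- Step 4 (check first): who still signs in with legacy clients?
# Only browsers and modern desktop/mobile apps can satisfy MFA; anything else
# (IMAP4, POP3, Authenticated SMTP, Exchange ActiveSync, "Other clients") is legacy.
$modern = @('Browser', 'Mobile Apps and Desktop clients')
$since  = (Get-Date).AddDays(-30).ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ")
Get-MgAuditLogSignIn -Filter "createdDateTime ge $since" -Top 5000 |
    Where-Object { $_.ClientAppUsed -notin $modern } |
    Group-Object UserPrincipalName, ClientAppUsed |
    Sort-Object Count -Descending |
    Select-Object Count, Name |
    Format-Table -AutoSize          # fix or replace these clients before enforcing the block

# --- Step 1: require MFA for all users, all apps (report-only until reviewed).
$mfaPolicy = @{
    displayName   = "BT-Require MFA for all users"
    state         = "enabledForReportingButNotEnforced"   # change to "enabled" to enforce
    conditions    = @{
        users          = @{ includeUsers = @("All"); excludeUsers = @($breakGlass) }
        applications   = @{ includeApplications = @("All") }
        clientAppTypes = @("all")
    }
    grantControls = @{ operator = "OR"; builtInControls = @("mfa") }
}
New-MgIdentityConditionalAccessPolicy -BodyParameter $mfaPolicy

# --- Step 4: block the client types that cannot do MFA at all.
$blockLegacy = @{
    displayName   = "BT-Block legacy authentication"
    state         = "enabledForReportingButNotEnforced"
    conditions    = @{
        users          = @{ includeUsers = @("All"); excludeUsers = @($breakGlass) }
        applications   = @{ includeApplications = @("All") }
        clientAppTypes = @("exchangeActiveSync", "other")   # "other" = basic-auth clients
    }
    grantControls = @{ operator = "OR"; builtInControls = @("block") }
}
New-MgIdentityConditionalAccessPolicy -BodyParameter $blockLegacy

# Exchange Online side: block basic auth for every protocol (a new policy with no
# Allow* switches blocks them all) and turn off SMTP AUTH tenant-wide. Devices that
# relay mail with a username/password will stop working, so read the report above first.
New-AuthenticationPolicy -Name "BT-Block Basic Auth"
Set-OrganizationConfig -DefaultAuthenticationPolicy "BT-Block Basic Auth"
Set-TransportConfig -SmtpClientAuthenticationDisabled $true

# --- Step 2: flag Global Administrators that are also everyday accounts.
# Heuristic: a dedicated admin account should have no mailbox; a hit means the same
# identity is used for email and for privileged work.
$gaRole = Get-MgDirectoryRole -Filter "displayName eq 'Global Administrator'"
Get-MgDirectoryRoleMember -DirectoryRoleId $gaRole.Id | ForEach-Object {
    $u = Get-MgUser -UserId $_.Id -Property userPrincipalName -ErrorAction SilentlyContinue
    if ($u) {
        $mbx = Get-EXOMailbox -Identity $u.UserPrincipalName -ErrorAction SilentlyContinue
        [pscustomobject]@{ Admin = $u.UserPrincipalName; HasMailbox = [bool]$mbx }
    }
} | Format-Table -AutoSize

# --- Step 3: Safe Links and Safe Attachments, scoped to the tenant's recipients.
New-SafeLinksPolicy -Name "BT-SafeLinks" -EnableSafeLinksForEmail $true -EnableSafeLinksForTeams $true `
    -EnableSafeLinksForOffice $true -ScanUrls $true -DeliverMessageAfterScan $true `
    -EnableForInternalSenders $true -TrackClicks $true -AllowClickThrough $false
New-SafeLinksRule -Name "BT-SafeLinks" -SafeLinksPolicy "BT-SafeLinks" -RecipientDomainIs "contoso.com"

New-SafeAttachmentPolicy -Name "BT-SafeAttachments" -Enable $true -Action Block
New-SafeAttachmentRule -Name "BT-SafeAttachments" -SafeAttachmentPolicy "BT-SafeAttachments" -RecipientDomainIs "contoso.com"
# Extend attachment scanning to SharePoint, OneDrive and Teams files.
Set-AtpPolicyForO365 -EnableATPForSPOTeamsODB $true
```

Run the two reports, fix what they show (migrate relaying devices to modern auth or a connector, give every admin a separate unprivileged account), then flip the policies from report-only to "enabled". Sign-in log retention and Conditional Access both depend on your licence tier, so on a tenant without Entra ID P1 the reporting section returns only a few days of history and the policy cmdlets will fail.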
These steps are simple, cost-effective and often overlooked. Yet they can make the difference between a close call and a breach that halts your productivity, and potentially worse, your ability to do business at all, with reputational and compliance damage on top.
Failing to activate these features leaves your organisation vulnerable and may raise questions from regulators and auditors. Taking action now demonstrates due diligence, strengthens client confidence, and aligns with industry best practices.
As a quick reminder -
Review your Secure Score (see the link above).
Enforce MFA across the board.
Separate admin and user accounts.
Turn on Safe Links and Safe Attachments.
Disable legacy authentication methods.
Schedule periodic policy reviews to stay ahead of evolving threats.
Bottom line: Don’t assume your cloud environment is secure by default. The right policies, applied at the right time, can transform your Microsoft 365 tenant from a soft target into a hardened defence.
As always, please reach out if you have any questions or I can help with anything related to the cybersecurity posture of your business, even if it’s just a quick 15-minute call that can help you on your journey.
This article was originally written and published by Jordan Gall, Head of Cybersecurity at B.TECH, as part of his ongoing insights on cybersecurity and business resilience. You can read the original post on his LinkedIn profile.