How to Secure Office 365: The Ultimate Guide

The threat of cyberattacks is a very real and growing problem. In fact, over half of all businesses were victims of ransomware attacks. If you are not taking precautions with how you use Office 365, your data could be at risk! This guide will teach how to protect yourself from these types of threats by teaching how to secure Office 365 and how to avoid common mistakes that leave your data vulnerable.

Office 365 Security Defaults

Defaults for Microsoft Office 365 security settings are preconfigured security settings that can assist you in protecting your Office 365 data against common dangers. 

How to Enable Security Defaults in Office 365

To enable security defaults in Office 365, follow these steps:

  1. Sign in to Office 365 with administrator credentials.
  2. In the left navigation pane, under Admin Centers, select Security & Compliance. 
  3. Under Threat Management > Policies, choose New Policy.
  4. In the Name box, type a name for your policy. 
  5. Scroll down to Detection & notification > Malware and Threat Management > Office 365 Advanced Data Governance policies list, select the first option (Office 365 Message Encryption).
  6. On the right side of the screen under Action, you should see two options: Enable or Disable. Choose “Enable.” This will ensure that all messages sent from this tenant are encrypted using OME as soon as possible after they’re created. The time it takes before encryption occurs depends on how long it takes email to reach OneDrive for Business where OME is enabled by default in every new message library you create.

Secure Office 365: Phishing Protection

Phishing is one of the most common ways that cybercriminals attempt to steal your data. They send an email that looks like it’s from a trusted source, such as your bank or a colleague and tries to trick you into giving away your password or other sensitive information. One way to protect yourself from phishing attacks is to be suspicious of any emails that ask for personal information and never respond directly to them. Instead, go to the website mentioned in the email by typing the address into your web browser’s address bar, rather than clicking on any links in the email.

Another way to stay safe from phishers is to use two-factor authentication (also known as two-step verification). This adds an extra layer of security to your account by requiring a special code, in addition to your password, each time you login. You can set up two-factor authentication for your Office 365 account by going to.

Additional Recommendations

If you’re ever unsure about the safety of an email or attachment, it’s always best to err on the side of caution and delete it. ransomware is a type of malware that encrypts all the files on your computer until you pay a ransom fee. The most common way ransomware is delivered is through infected attachments or links in phishing emails. To protect yourself from ransomware, be sure to install antivirus software on all of your devices and keep it up-to-date. You should also back up your data regularly so that you can restore it and stay protected if you do get infected with ransomware.