{"id":63638,"date":"2023-01-30T17:06:17","date_gmt":"2023-01-30T09:06:17","guid":{"rendered":"https:\/\/version-2.com.sg\/?p=63638"},"modified":"2024-09-13T16:31:47","modified_gmt":"2024-09-13T08:31:47","slug":"microsoft-office-365-security-best-practices-for-business","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2023\/01\/microsoft-office-365-security-best-practices-for-business\/","title":{"rendered":"Microsoft Office 365 security best practices for business"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"63638\" class=\"elementor elementor-63638\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1nEtqcC5WKNk4YoK0UN1MH\/7efd5f625c24d8cea697a27559eee22f\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"800\" \/><\/p><div class=\"nord-col lg:col-8 lg:offset-1 break-words mt-5 text-grey-shuttle\"><article><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office 365 is a popular business platform worldwide. Its blend of collaboration tools, office apps, and cloud storage components makes Office 365 a go-to option for many companies. But the popularity of Office also makes it a popular target for cyber-attackers.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Securing data and protecting assets is critically important when using Office 365. This blog will discuss the major threats faced by users and we will suggest some security best practices. Office 365 is a safe place to run business operations. But you need awareness and policies to make that safety a reality.<\/p><h2 id=\"how-secure-is-office-365\" class=\"Heading Heading-h2 text-dark-blue\">How secure is Office 365?<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office 365 is a suite of cloud-based business tools. Like all cloud applications and platforms, Office is vulnerable to external attackers. Cyber-attackers can breach user defenses. They can access sensitive data, disrupt operations, and cause plenty of damage before they are stopped.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Security concerns are real. Up to 85% of organizations using Office 365<a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"https:\/\/www.egress.com\/blog\/data-loss-prevention\/microsoft-email-dlp\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\"> suffered an email data loss in 2021<\/a>. 15% of organizations using the platform suffered more than 500 breaches in the same year. Just 4% of organizations not using Office 365 reported the same data breach frequency.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Microsoft has toughened Office security features in the past few years. However, Office 365 users still need to control their security posture. If you can find a secure configuration that meets your needs, you can use the platform safely. The first step in doing so is mastering the security features supplied by Microsoft.<\/p><h2 id=\"security-features-in-office-365\" class=\"Heading Heading-h2 text-dark-blue\">Security features in Office 365<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Users can access most Office 365 security features via the <strong>Security and Compliance Center <\/strong>on Microsoft Accounts. This cloud-based portal allows users to choose several critical security functions. These functions include:<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">1. Identity and Access Management (IAM)<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Microsoft\u2019s IAM solution lets you set up digital identities for all Office users.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Every user has a digital identity containing their authentication details and authorization information. This lets administrators add adaptive multi-factor authentication for all log-ins. Admins can manage passwords efficiently, onboard and remove users as needed.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">IAM also allows you to manage authorization options for all users. Admins can set privileges based on roles or individual requirements. This limits app access to users with appropriate permissions. Unauthorized outsiders won\u2019t be able to intrude.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">2. Information security<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">With <strong>Microsoft Information Protection<\/strong> (MIP), users can manage data as it travels across Office cloud resources and even on remote work devices.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Users can classify data to ensure it only reaches authorized devices. Set different sensitivity levels to make data available or defend it as required.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Classification works alongside <strong>Data Loss Prevention <\/strong>(DLP) and <strong>Microsoft Information Governance <\/strong>(MIG) tools. Create robust security controls for confidential data, and set lifecycle controls to delete data when it is not needed.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">3. Threat defenses<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Microsoft offers Office-native Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) features. Together, they neutralize cyber threats and track traffic to assess security weaknesses.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Azure Sentinel <\/strong>is a SIEM system that uses Artificial Intelligence to monitor the Office environment. Sentinel can track every active Office application and device. Security teams benefit from real-time visibility across the threat surface.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Azure Defender<\/strong> and <strong>Office 365 Defender<\/strong> are XDR tools. They extend threat detection to all endpoints, including email accounts and cloud applications.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">4. Risk management<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office 365 includes a suite of tools to manage risks and ensure compliance. These tools identify and classify risks, focusing on data protection across an Office 365 environment.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Risk management tools allow security teams to assess insider threats, manage the risk of insecure communications, and fine-tune privileges for admin accounts. Audit tools let you drill down into compliance issues until every data security weakness is covered.<\/p><h2 id=\"what-are-the-most-important-office-365-security-concerns\" class=\"Heading Heading-h2 text-dark-blue\">What are the most important Office 365 security concerns?<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">The security tools above are comprehensive and flexible. But they are generally voluntary. <strong>Users need to create their own security setup and choose measures that fit their Office implementation<\/strong>.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office 365 leaves plenty of room for misconfigurations. And these gaps are the ideal space for attackers to work. Here are some critical threats for security managers to assess:<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">1. Credential theft and unauthorized access<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Cyber attackers may gain access to your entire Office 365 environment if they steal user credentials. Users can leak credentials in many ways. For instance, employees could:<\/p><ul class=\"list\"><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Share information insecurely via Office collaboration apps<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Click on attachments that extract personal data<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Follow unsafe links in social engineering email messages<\/p><\/li><li class=\"ml-4 pl-4\"><p class=\"my-4 blog-paragraph text-still-dark-blue\">Install malware onto a connected device<\/p><\/li><\/ul><p class=\"my-4 blog-paragraph text-still-dark-blue\">Credential theft is a constant security concern for Office 365 managers. Office does include multi-factor authentication, but <strong>MFA is not enabled as a default.<\/strong> Many companies forget to apply extra authentication and suffer as a result.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">2. Unsafe privileges<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">According to <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/learn\/zero-trust\/principles\/\">Zero Trust principles<\/a>, Office 365 users should have access to the resources they need and nothing more. Limiting access to sensitive data makes data extraction and loss less likely. Hackers cannot freely access data. Employees won\u2019t be able to leak data during their tasks accidentally.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">However, <strong>privileges creep can lead to too many people having access to too much data<\/strong>. By default, every Global Administrator Account has extensive privileges. Security teams need to restrict admin accounts manually. This potentially leaves scope to abuse access and steal data.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">3. Data loss<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Data breaches are a nightmare scenario for Office 365 managers, but they are possible without adequate security controls.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">The major problem here is sharing. Office is built to enable information exchange. Workers share documents, conversations, databases, and much more. This is great at an operational level. But the flow of data is a security problem.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Data can leak via many storage locations or sharing tools<\/strong>. Employees may not know about data sharing risks or how to store data securely. And data can pass to unauthorized third parties without the knowledge of security teams.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">4. Complacency<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Many companies move from on-premises Office implementations to cloud-based 365 environments. While the applications are familiar, <strong>the security context of these two setups is very different.<\/strong><\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Security managers may lack visibility of all cloud endpoints and in-use applications. They may lose sight of data containers or fail to turn on necessary security features. Sharing tools like SharePoint present new risks, such as allowing access for third-party guests. But these new risks aren\u2019t always detected during cloud transitions.<\/p><h2 id=\"office-365-security-best-practices-for-business\" class=\"Heading Heading-h2 text-dark-blue\">Office 365 security best practices for business<\/h2><div class=\"gatsby-image-wrapper\" data-gatsby-image-wrapper=\"\"><div style=\"opacity: 0; transition: opacity 500ms linear 0s; object-fit: cover;\" aria-hidden=\"true\" data-placeholder-image=\"\">\u00a0<\/div><p><picture><source srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=750&amp;h=375&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1080&amp;h=540&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1366&amp;h=683&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1400&amp;h=700&amp;q=50&amp;fm=webp 1400w\" type=\"image\/webp\" sizes=\"100vw\" \/><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1400&amp;h=700&amp;q=50&amp;fm=webp\" width=\"1400\" height=\"700\" \/><\/picture><picture><img decoding=\"async\" style=\"object-fit: cover; opacity: 1;\" title=\"the best practices for using microsoft office 365 for business\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1400&amp;h=700&amp;q=50&amp;fm=png\" sizes=\"100vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=750&amp;h=375&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1080&amp;h=540&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1366&amp;h=683&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1400&amp;h=700&amp;q=50&amp;fm=png 1400w\" alt=\"the best practices for using microsoft office 365 for business\" width=\"1\" height=\"0.5\" data-main-image=\"\" \/><\/picture><noscript><picture><source type=\"image\/webp\" srcSet=\"https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=750&amp;h=375&amp;q=50&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1080&amp;h=540&amp;q=50&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1366&amp;h=683&amp;q=50&amp;fm=webp 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1400&amp;h=700&amp;q=50&amp;fm=webp 1400w\" sizes=\"100vw\"\/><img title=\"the best practices for using microsoft office 365 for business\" width=\"1\" height=\"0.5\" data-main-image=\"\" style=\"object-fit:cover;opacity:0\" sizes=\"auto, 100vw\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1400&amp;h=700&amp;q=50&amp;fm=png\" srcSet=\"https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=750&amp;h=375&amp;q=50&amp;fm=png 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1080&amp;h=540&amp;q=50&amp;fm=png 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1366&amp;h=683&amp;q=50&amp;fm=png 1366w, https:\/\/images.ctfassets.net\/5natoedl294r\/27eNkP1yw1NziRKA0pzrke\/cadf55d494ad705d61b74d76add57b32\/Office_365_security_best_practices_1400x700.png?w=1400&amp;h=700&amp;q=50&amp;fm=png 1400w\" alt=\"the best practices for using microsoft office 365 for business\"\/><\/picture><\/noscript><\/p><\/div><p class=\"my-4 blog-paragraph text-still-dark-blue\">What can businesses do about the security threats listed above? The answer lies in applying Office 365 security best practices. By following these security practices, you can enjoy the benefits of information sharing and keeping data safe.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">1. Enable IAM<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Access management is the top priority when securing Office 365 environments. Companies must create a secure perimeter and restrict access for unauthenticated users. Users should have the privileges they need to carry out work, but no more access than they require.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office 365 has built-in IAM tools to control authentication and authorization centrally. Set conditional access policies for every role and back up password access with MFA technologies. Bring all Office 365 apps together via Single Sign On (SSO). This makes it easier for employees to manage passwords. It also simplifies access management for security professionals.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">It is advisable to <strong>create separate user accounts for admins with elevated privileges. <\/strong>Every admin account requires maximum protection. Users should only use administrative accounts for specialist tasks, and rely on other accounts for everyday work.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">2. Educate users to understand Office 365 security<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Employees must know how to avoid phishing attacks. Build anti-phishing training into all onboarding processes and refresh this knowledge regularly. Workers should always be aware of dangerous email attachments and how to spot malicious links.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Users also require training in how to share information securely. Educate staff on how to use SharePoint and Teams without compromising security.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">3. Collaborate securely<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Education combines with robust collaboration app security to protect data in-transit. Install DLP systems to track sensitive files and ensure they stay within the network perimeter. DLP will alert managers if employees share critical data, and block any illegitimate transfers.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Set up <strong>Message Encryption<\/strong> on Teams and other communication tools. This protects the content of messages. Only authorized users will be able to read messages or open files.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Use <strong>Safe Attachments<\/strong> to scan all email attachments and shared files. Extend attachment protection to Teams, SharePoint and OneDrive so that all potential endpoints enjoy security coverage.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">4. Put in place anti-phishing protections<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office 365 includes specialist tools to handle phishing attacks. These advanced threat protection tools go beyond trusting employees not to open malicious links. They actively inspect emails to detect malicious content.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">For example, users can sandbox attachments automatically with <strong>Application Guard<\/strong>. This creates a protected environment to open pdfs or spreadsheets. Application Guard scans files to detect unsafe sources. This matters because Office files are common attack vectors. Sandboxing makes it much less likely that an innocent document will spark a security alert.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>Safe Links<\/strong> is another useful anti-phishing tool that scans URLs to detect security concerns. And you can set \u201cexternal\u201d email tagging for inbound messages. This alerts users to be careful when opening external communications.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>These measures do not remove all phishing risks<\/strong>. Zero-day threats are still an issue. But together, Application Guard, email tagging and Safe Links provide plenty of defense against social engineering attacks.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">5. Use anti-malware solutions<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">When anti-phishing measures fail, malware protection tools enter the picture. Office 365 users should take advantage of Microsoft\u2019s anti-malware tools wherever possible.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Implement SIEM protection via Azure Sentinel, and use XDR to scan all endpoints. These two tools work together to detect malware infections and quarantine affected files. This should neutralize ransomware attacks before they take down network infrastructure.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">6. Strengthen your password policies<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">User access is the major Office 365 security weak point. And credential theft is the most common attack vector. Make it harder to mount credential stuffing attacks by enforcing strong password policies across all users.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Make sure Office users avoid real names and familiar words. Include multiple symbols and numbers, in combinations that are impossible to anticipate. Use password manager tools to store and update passwords. This reduces the risk of human error.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Generally, <strong>make sure users do not reuse passwords <\/strong>from other network assets. Every Office 365 user requires unique credentials, with no exceptions.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">7. Strengthen data security controls<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Employ MIP to<strong> lock down sensitive information and allow access to less important data<\/strong>. Office 365 lets you label sensitive information such as personally identifiable information (PII) and financial records. These labels enforce tools to keep sensitive data secure, such as encryption or watermarking.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">DLP also allows you to <strong>track data movements <\/strong>and prevent data leaving organizational boundaries. This makes it easier to work remotely without creating additional data loss risks.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">8. Check compliance and security scores<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Data security measures aim to meet strict compliance goals. For instance, you may need to protect financial records to comply with PCI-DSS, or meet HIPAA rules when handling patient details. Microsoft has created tools to make the compliance task easier, so use them when available.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">The Office 365 compliance portal provides guidance for meeting important regulations. It also includes a <strong>compliance score <\/strong>that charts your progress. Updated in real-time, the compliance score suggests required actions. It provides a useful road map to compliance across all Office 365 services.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office also provides an overall <strong>Secure Score<\/strong>. This can be found in the Security Center, which records a percentage based on an organization&#8217;s security posture. Adding extra security measures boosts the score, and the system delivers recommendations based on your Office 365 setup.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">9. Optimize mobile device security<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Employees may use mobile devices to access Microsoft&#8217;s SaaS applications. This particularly applies to companies with large communities of remote workers or BYOD setups. In any case, it is advisable to implement Mobile Device Management (MDM) security solutions,<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">Office 365\u2019s MDM tools encrypt confidential data on mobile devices. They can wipe data from devices in the event of theft. And they prevent network access for stolen or compromised devices.<\/p><h3 class=\"Heading Heading-h3 text-dark-blue\">10. Put in place rock-solid Office auditing<\/h3><p class=\"my-4 blog-paragraph text-still-dark-blue\">Be sure to <strong>enable the Unified Audit Log<\/strong> via the Office 365 Security Center. The UAL lets you track user activity across all accounts. You can see who is sharing information and how that information spreads across your cloud environment.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">By default, audit logs provide 90 days of historical information, which isn\u2019t that much. However, you can extend the scope of audit logging to as long as ten years if desired. Longer periods provide a better evidence base for compliance management, but you will need measures to efficiently store and search audit data.<\/p><h2 id=\"ensure-secure-access-to-office-365-with-nordlayer\" class=\"Heading Heading-h2 text-dark-blue\">Ensure secure access to Office 365 with NordLayer<\/h2><p class=\"my-4 blog-paragraph text-still-dark-blue\">Collaborate, strategize, and store data safely with our office 365 security best practices. On-board security tools and solid staff education let you use Microsoft\u2019s business environment without creating unnecessary risks.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">However, just relying on Office 365 controls is a risky move. That\u2019s especially true for companies with hybrid cloud environments who manage multiple platforms and require<a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/saas-access-control\/\"> secure access to SaaS apps<\/a>. In those cases, <strong>it makes sense to apply enterprise-wide security solutions like NordLayer<\/strong>.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\"><strong>NordLayer\u2019s IP allowlisting tools supplement Office 365 security controls.<\/strong> Admins can define a list of authorized addresses. These IP addresses are then permitted access to Office resources. Unlisted devices are excluded or require additional verification.<\/p><p class=\"my-4 blog-paragraph text-still-dark-blue\">NordLayer encrypts traffic passing between employee devices and Office 365, countering man-in-the-middle style attacks. Threatblock also blocks malicious websites, reducing the risks posed by phishing attacks. Use Microsoft\u2019s internal features to secure Office 365. But go further, integrating Office into your wider cybersecurity setup. To find out more, <a class=\"hyperlink Link Link--blue-dodger font-medium\" href=\"\/contact-sales\/\">contact the NordLayer team<\/a> today.<\/p><\/article><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"64131\" class=\"elementor elementor-64131\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/s1.npass.app\/nordpass\/media\/1.1728.0\/images\/web\/blog\/svg\/business-continuity-plan-800x450.svg\" width=\"800\" height=\"450\" \/><\/p><div class=\"Post__content mx-auto container--m\"><div><div><p class=\"leading-loose text-lead my-3 font-medium\">These days, cybercrime is rampant. It&#8217;s no longer a matter of \u201cif\u201d you&#8217;re going to suffer an attack but \u201cwhen\u201d it will happen. All companies want to be ready for any crisis. And this is where a business continuity plan comes into play.<\/p><p class=\"leading-loose text-lead my-3 font-medium\">But what is a business continuity plan exactly? Why is it important? What should one include? Today, we&#8217;re exploring all these questions in-depth.<\/p><h2 id=\"what-is-a-business-continuity-plan\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What is a business continuity plan?<\/h2><p class=\"leading-loose text-base my-3\">A business continuity plan (BCP) is a document that sets guidelines for how an organization will continue its operations in the event of a disruption, whether it&#8217;s a fire, flood, other natural disaster or a cybersecurity incident. A BCP aims to help organizations resume operations without significant downtime.<\/p><p class=\"leading-loose text-base my-3\">Unfortunately, according to a 2020 <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.mercer.com\/content\/dam\/mercer\/attachments\/global\/gl-2020-mercer-covid-19-global-survey-coronavirus-impact-to-global-market.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Mercer survey<\/a>, 51% of businesses across the globe don&#8217;t have a business continuity plan in place.<\/p><h2 id=\"whats-the-difference-between-business-continuity-and-disaster-recovery-plans\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What&#8217;s the difference between business continuity and disaster recovery plans?<\/h2><p class=\"leading-loose text-base my-3\">We often confuse the terms business continuity plan and disaster recovery plan. The two overlap and often work together, but the disaster recovery plan focuses on containing, examining, and restoring operations after a cyber incident. On the other hand, BCP is a broader concept that considers the whole organization. A business continuity plan helps organizations stay prepared for dealing with a potential crisis and usually encompasses a disaster recovery plan.<\/p><h2 id=\"importance-of-business-continuity-planning\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Importance of business continuity planning<\/h2><p class=\"leading-loose text-base my-3\">The number of news headlines announcing data breaches has numbed us to the fact that cybercrime is very real and frequent and poses an existential risk to companies of all sizes and industries.<\/p><p class=\"leading-loose text-base my-3\">Consider that in 2021, approximately <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.forbes.com\/sites\/chuckbrooks\/2022\/06\/03\/alarming-cyber-statistics-for-mid-year-2022-that-you-need-to-know\/?sh=7e691ccf7864\" target=\"_blank\" rel=\"noopener noreferrer\">37% of global organizations<\/a> fell victim to a ransomware attack. Then consider that business interruption and restoration costs account for <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/www.allianz.com\/en\/press\/news\/studies\/211013_Allianz-AGCS-Ransomware-Trends-Risks-and-Resilience.html#:~:text=Business%20interruption%20and%20restoration%20costs,involved%20in%20over%20six%20years\" target=\"_blank\" rel=\"noopener noreferrer\">50% of cyberattack-related losses<\/a>. Finally, take into account that most cyberattacks are financially motivated and the global cost of cybercrime topped <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"https:\/\/techxplore.com\/news\/2022-05-global-cybercrime-topped-trillion-defence.html\" target=\"_blank\" rel=\"noopener noreferrer\">$6 trillion last year<\/a>. The picture is quite clear \u2014 cybercrime is a lucrative venture for bad actors and potentially disastrous for those on the receiving end.<\/p><p class=\"leading-loose text-base my-3\">To thrive in these unpredictable times, organizations go beyond conventional security measures. Many companies develop a business continuity plan parallel to secure infrastructure and consider the plan a critical part of the security ecosystem. The Purpose of a business continuity plan is to significantly reduce the downtime in an emergency and, in turn, reduce the potential reputational damage and \u2014 of course \u2014 revenue losses.<\/p><h2 id=\"business-continuity-plan-template\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Business continuity plan template<\/h2><div class=\"BlogBannerV2 py-8 md:py-10 lg:py-12 mt-8 md:mt-10 lg:mt-12 relative flex flex-col text-center font-medium overflow-hidden BlogBannerV2--default bg-blue-darkest\"><h2 class=\"nord-text text-h3 leading-normal font-medium tracking-tight inline-block font-bold mx-6 md:mx-21 z-1 text-white\" style=\"line-height: 1.2;\">Password security for your business<\/h2><p class=\"nord-text text-base leading-normal text-black mt-4 lg:mt-6 z-1 text-white\">Store, manage and share passwords.<\/p><div class=\"z-1\"><a class=\"nord-button focus:outline-none font-medium align-bottom rounded-1 select-none transition-colors ease-out duration-250 cursor-pointer nord-button--medium border text-white nord-button--v-contained nord-button--c-teal bg-teal border-teal font-medium inline-block Button__rounded mt-4 lg:mt-6 py-3 px-4 lg:px-6 whitespace-no-wrap\" href=\"\/business-password-manager\/\">Get NordPass Business<\/a><\/div><p class=\"nord-text text-micro leading-normal text-black mt-3 z-1 text-white\">30-day money-back guarantee<\/p><\/div><h4 id=\"business-continuity-plan-example\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Business Continuity Plan Example<\/h4><p class=\"leading-loose text-base my-3\">[Company Name]<\/p><p class=\"leading-loose text-base my-3\">[Date]<\/p><h4 id=\"i-introduction\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">I. Introduction<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Purpose of the Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Scope of the Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Budget<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Timeline<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The initial stage of developing a business continuity plan starts with a statement of the plan&#8217;s purpose, which explains the main objective of the plan, such as ensuring the organization&#8217;s ability to continue its operations during and after a disruptive event.<\/p><p class=\"leading-loose text-base my-3\">The Scope of the Plan outlines the areas or functions that the plan will cover, including business processes, personnel, equipment, and technology.<\/p><p class=\"leading-loose text-base my-3\">The Budget specifies the estimated financial resources required to implement and maintain the BCP. It includes costs related to technology, personnel, equipment, training, and other necessary expenses.<\/p><p class=\"leading-loose text-base my-3\">The Timeline provides a detailed schedule for developing, implementing, testing, and updating the BCP.<\/p><h4 id=\"ii-risk-assessment\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">II. Risk Assessment<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Identification of Risks<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Prioritization of Risks<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Mitigation Strategies<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Risk Assessment section of a Business Continuity Plan (BCP) is an essential part of the plan that identifies potential risks that could disrupt an organization&#8217;s critical functions.<\/p><p class=\"leading-loose text-base my-3\">The Identification of Risks involves identifying potential threats to the organization, such cybersecurity breaches, supply chain disruptions, power outages, and other potential risks. This step is critical to understand the risks and their potential impact on the organization.<\/p><p class=\"leading-loose text-base my-3\">Once the risks have been identified, the Prioritization of Risks follows, which helps determine which risks require the most attention and resources.<\/p><p class=\"leading-loose text-base my-3\">The final step in the Risk Assessment section is developing Mitigation Strategies to minimize the impact of identified risks. Mitigation strategies may include preventative measures, such as system redundancies, data backups, cybersecurity measures, as well as response and recovery measures, such as emergency protocols and employee training.<\/p><h4 id=\"iii-emergency-response\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">III. Emergency Response<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Emergency Response Team<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Communication Plan<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Emergency Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">This section of the plan focuses on immediate actions that should be taken to ensure the safety and well-being of employees and minimize the impact of the event on the organization&#8217;s operations.<\/p><p class=\"leading-loose text-base my-3\">The Emergency Response Team is responsible for managing the response to an emergency or disaster situation. This team should be composed of individuals who are trained in emergency response procedures and can act quickly and decisively during an emergency. The team should also include a designated leader who is responsible for coordinating the emergency response efforts.<\/p><p class=\"leading-loose text-base my-3\">The Communication Plan outlines how information will be disseminated during an emergency situation. It includes contact information for employees, stakeholders, and emergency response personnel, as well as protocols for communicating with these individuals.<\/p><p class=\"leading-loose text-base my-3\">The Emergency Procedures detail the steps that should be taken during an emergency or disaster situation. The emergency procedures should be developed based on the potential risks identified in the Risk Assessment section and should be tested regularly to ensure that they are effective.<\/p><h4 id=\"iv-business-impact-analysis\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">IV. Business Impact Analysis<\/h4><p class=\"leading-loose text-base my-3\">The Business Impact Analysis (BIA) section of a Business Continuity Plan (BCP) is a critical step in identifying the potential impact of a disruption to an organization&#8217;s critical operations.<\/p><p class=\"leading-loose text-base my-3\">The Business Impact Analysis is typically conducted by a team of individuals who understand the organization&#8217;s critical functions and can assess the potential impact of a disruption to those functions. The team may include representatives from various departments, including finance, operations, IT, and human resources.<\/p><h4 id=\"v-recovery-and-restoration\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">V. Recovery and Restoration<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Procedures for recovery and restoration of critical processes<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Prioritization of recovery efforts<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Establishment of recovery time objectives<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Recovery and Restoration section of a Business Continuity Plan (BCP) outlines the procedures for recovering and restoring critical processes and functions following a disruption.<\/p><p class=\"leading-loose text-base my-3\">The Procedures for recovery and restoration of critical processes describe the steps required to restore critical processes and functions following a disruption. This may include steps such as relocating to alternate facilities, restoring data and systems, and re-establishing key business relationships.<\/p><p class=\"leading-loose text-base my-3\">The Prioritization section of the plan identifies the order in which critical processes will be restored, based on their importance to the organization&#8217;s operations and overall mission.<\/p><p class=\"leading-loose text-base my-3\">Recovery time objectives (RTOs) define the maximum amount of time that critical processes and functions can be unavailable following a disruption. Establishing RTOs ensures that recovery efforts are focused on restoring critical functions within a specific timeframe.<\/p><h4 id=\"vi-plan-activation\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">VI. Plan Activation<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Plan Activation Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">The Plan Activation section is critical in ensuring that an organization can quickly and effectively activate the plan and respond to a potential emergency.<\/p><p class=\"leading-loose text-base my-3\">The Plan Activation Procedures describe the steps required to activate the BCP in response to a disruption. The procedures should be clear and concise, with specific instructions for each step to ensure a prompt and effective response.<\/p><h4 id=\"vii-testing-and-maintenance\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">VII. Testing and Maintenance<\/h4><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Testing Procedures<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Maintenance Procedures<\/p><\/li><li class=\"my-2\"><p class=\"leading-loose text-base my-3\">Review and Update Procedures<\/p><\/li><\/ul><p class=\"leading-loose text-base my-3\">This section of the plan is critical to ensure that an organization can effectively respond to disruptions and quickly resume its essential functions.<\/p><p class=\"leading-loose text-base my-3\">Testing procedures may include scenarios such as natural disasters, cyber-attacks, and other potential risks. The testing procedures should include clear objectives, testing scenarios, roles and responsibilities, and evaluation criteria to assess the effectiveness of the plan.<\/p><p class=\"leading-loose text-base my-3\">The Maintenance Procedures detail the steps necessary to keep the BCP up-to-date and relevant.<\/p><p class=\"leading-loose text-base my-3\">The Review and Update Procedures describe how the BCP will be reviewed and updated regularly to ensure its continued effectiveness. This may involve conducting a review of the plan on a regular basis or after significant changes to the organization&#8217;s operations or threats.<\/p><h2 id=\"what-should-a-business-continuity-plan-checklist-include\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">What should a business continuity plan checklist include?<\/h2><p class=\"leading-loose text-base my-3\">Organizations looking to develop a BCP have more than a few things to think through and consider. Variables such as the size of the organization, its IT infrastructure, personnel, and resources all play a significant role in developing a continuity plan. Remember, each crisis is different, and each organization will have a view on handling it according to all the variables in play. However, all business continuity plans will include a few elements in one way or another.<\/p><ul class=\"leading-loose mt-3 mb-6 list--ul\"><li class=\"my-2\"><h4 id=\"clearly-defined-areas-of-responsibility\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Clearly defined areas of responsibility<\/h4><p class=\"leading-loose text-base my-3\">A BCP should define specific roles and responsibilities for cases of emergency. Detail who is responsible for what tasks and clarify what course of action a person in a specific position should take. Clearly defined roles and responsibilities in an emergency event allow you to act quickly and decisively and minimize potential damage.<\/p><\/li><li class=\"my-2\"><h4 id=\"crisis-communication-plan\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Crisis communication plan<\/h4><p class=\"leading-loose text-base my-3\">In an emergency, communication is vital. It is the determining factor when it comes to crisis handling. For communication to be effective, it is critical to establish clear communication pipelines. Furthermore, it is crucial to understand that alternative communication channels should not be overlooked and outlined in a business continuity plan.<\/p><\/li><li class=\"my-2\"><h4 id=\"recovery-teams\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Recovery teams<\/h4><p class=\"leading-loose text-base my-3\">A recovery team is a collective of different professionals who ensure that business operations are restored as soon as possible after the organization confronts a crisis.<\/p><\/li><li class=\"my-2\"><h4 id=\"alternative-site-of-operations\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Alternative site of operations<\/h4><p class=\"leading-loose text-base my-3\">Today, when we think of an incident in a business environment, we usually think of something related to cybersecurity. However, as discussed earlier, a BCP covers many possible disasters. In a natural disaster, determine potential alternate sites where the company could continue to operate.<\/p><\/li><li class=\"my-2\"><h4 id=\"backup-power-and-data-backups\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Backup power and data backups<\/h4><p class=\"leading-loose text-base my-3\">Whether a cyber event or a real-life physical event, ensuring that you have access to power is crucial if you wish to continue operations. In a BCP, you can often come across lists of alternative power sources such as generators, where such tools are located, and who should oversee them. The same applies to data. Regularly scheduled data backups can significantly reduce potential losses incurred by a crisis event.<\/p><\/li><li class=\"my-2\"><h4 id=\"recovery-guidelines\" class=\"text-lead font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Recovery guidelines<\/h4><p class=\"leading-loose text-base my-3\">If a crisis is significant, a comprehensive business continuity plan usually includes detailed guidelines on how the recovery process will be carried out.<\/p><\/li><\/ul><h2 id=\"business-continuity-planning-steps\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Business continuity planning steps<\/h2><figure class=\"my-12\"><div class=\"mx-auto\" style=\"max-width: 746px; max-height: 320px;\"><div class=\"nord-intrinsic relative w-full h-0 bg-transparent\" style=\"padding-top: 42.8954%;\"><picture class=\"nord-picture\"><source srcset=\"https:\/\/s1.npass.app\/nordpass\/media\/1.1728.0\/images\/web\/blog\/svg\/business-continuity-plan-steps-746x320.svg\" \/><img decoding=\"async\" class=\"nord-image nord-image--responsive\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" alt=\"business continuity plan steps\" \/><\/picture><\/div><\/div><\/figure><p class=\"leading-loose text-base my-3\">Here are some general guidelines that an organization looking to develop a BCP should consider:<\/p><h3 id=\"analysis\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Analysis<\/h3><p class=\"leading-loose text-base my-3\">A business continuity plan should include an in-depth analysis of everything that could negatively affect the overall organizational infrastructure and operations. Assessing different levels of risk should also be a part of the analysis phase.<\/p><h3 id=\"design-and-development\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Design and development<\/h3><p class=\"leading-loose text-base my-3\">Once you have a clear overview of potential risks your company could face, start developing a plan. Create a draft and reassess it to see if it takes into account even the smallest of details.<\/p><h3 id=\"implementation\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Implementation<\/h3><p class=\"leading-loose text-base my-3\">Implement BCP within the organization by providing training sessions for the staff to get familiar with the plan. Getting everyone on the same page regarding crisis management is critical.<\/p><h3 id=\"testing\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Testing<\/h3><p class=\"leading-loose text-base my-3\">Rigorously test the plan. Play out a variety of scenarios in training sessions to learn the overall effectiveness of the continuity plan. By doing so, everyone on the team will be closely familiar with the business continuity plan&#8217;s guidelines.<\/p><h3 id=\"maintenance-and-updating\" class=\"text-h6 font-medium mb-3 mt-6 leading-loose\" style=\"line-height: 1.2;\">Maintenance and updating<\/h3><p class=\"leading-loose text-base my-3\">Because the threat landscape constantly changes and evolves, you should regularly reassess your BCP and take steps to update it. By making your continuity plan in tune with the times, you will be able to stay a step ahead of a crisis.<\/p><h2 id=\"level-up-your-companys-security-with-nordpass-business\" class=\"text-h5 font-bold mb-6 mt-12 leading-normal\" style=\"line-height: 1.2;\">Level up your company&#8217;s security with NordPass Business<\/h2><p class=\"leading-loose text-base my-3\">A comprehensive business continuity plan is vital for the entire organization&#8217;s security posture. However, in a perfect world, you wouldn&#8217;t have to use it. This is where NordPass Business can help.<\/p><p class=\"leading-loose text-base my-3\">Remember, weak, reused, or compromised passwords are often cited as one of the top contributing factors in data breaches. It&#8217;s not surprising, considering that an average user has around 100 passwords. Password fatigue is real and significantly affects how people treat their credentials. NordPass Business counters these issues.<\/p><p class=\"leading-loose text-base my-3\">With <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"\/business-password-manager\/\">NordPass Business<\/a>, your team will have a single secure place to store all work-related passwords, credit cards, and other sensitive information. Accessing all the data stored in NordPass is quick and easy, which allows your employees not to be distracted by the task of finding the correct passwords for the correct account.<\/p><p class=\"leading-loose text-base my-3\">In cyber incidents, NordPass Business ensures that company credentials remain secure at all times. Everything stored in the NordPass vault is secured with advanced encryption algorithms, which would take hundreds of years to brute force.<\/p><p class=\"leading-loose text-base my-3\">If you are interested in learning more about NordPass Business and how it can fortify corporate security, do not hesitate to <a class=\"nord-link cursor-pointer outline-none transition-colors duration-250 ease-out text-teal hover:text-teal-dark\" href=\"\/business-password-manager\/request-demo\/\">book a demo<\/a> with our representative.<\/p><\/div><\/div><div class=\"Post__socials-sticky fixed left-0 lg:ml-6\" style=\"top: 50%; bottom: unset;\"><div class=\"flex lg:flex-col justify-center align-center\">\u00a0<\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63567\" class=\"elementor elementor-63567\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-45e3ec76 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"45e3ec76\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-311e216d\" data-id=\"311e216d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3d9a2e6f elementor-widget elementor-widget-text-editor\" data-id=\"3d9a2e6f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordPass<br \/><\/strong>NordPass is developed by Nord Security, a company leading the global market of cybersecurity products.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Office 365 is a popular business platform worldwide. It [&hellip;]<\/p>\n","protected":false},"author":148637484,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1075,1130,973,61],"tags":[1076,1132,974],"class_list":["post-63638","post","type-post","status-publish","format-standard","hentry","category-year2023","category-nordlayer","category-nord-security","category-press-release","tag-1076","tag-nordlayer","tag-nord-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Office 365 security best practices for business - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Office 365 security best practices for business - Version 2\" \/>\n<meta property=\"og:description\" content=\"Office 365 is a popular business platform worldwide. It [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-30T09:06:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-13T08:31:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/images.ctfassets.net\/5natoedl294r\/1nEtqcC5WKNk4YoK0UN1MH\/7efd5f625c24d8cea697a27559eee22f\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\" \/>\n<meta name=\"author\" content=\"versionpan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"versionpan\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/microsoft-office-365-security-best-practices-for-business\\\/\"},\"author\":{\"name\":\"versionpan\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\"},\"headline\":\"Microsoft Office 365 security best practices for business\",\"datePublished\":\"2023-01-30T09:06:17+00:00\",\"dateModified\":\"2024-09-13T08:31:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/microsoft-office-365-security-best-practices-for-business\\\/\"},\"wordCount\":2208,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/1nEtqcC5WKNk4YoK0UN1MH\\\/7efd5f625c24d8cea697a27559eee22f\\\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"keywords\":[\"2023\",\"NordLayer\",\"Nord Security\"],\"articleSection\":[\"2023\",\"NordLayer\",\"Nord Security\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/microsoft-office-365-security-best-practices-for-business\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/\",\"name\":\"Microsoft Office 365 security best practices for business - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/1nEtqcC5WKNk4YoK0UN1MH\\\/7efd5f625c24d8cea697a27559eee22f\\\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"datePublished\":\"2023-01-30T09:06:17+00:00\",\"dateModified\":\"2024-09-13T08:31:47+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/1nEtqcC5WKNk4YoK0UN1MH\\\/7efd5f625c24d8cea697a27559eee22f\\\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\",\"contentUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/1nEtqcC5WKNk4YoK0UN1MH\\\/7efd5f625c24d8cea697a27559eee22f\\\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/microsoft-office-365-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Office 365 security best practices for business\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\",\"name\":\"versionpan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"caption\":\"versionpan\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/versionpan\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Office 365 security best practices for business - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/","og_locale":"zh_HK","og_type":"article","og_title":"Microsoft Office 365 security best practices for business - Version 2","og_description":"Office 365 is a popular business platform worldwide. It [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/","og_site_name":"Version 2","article_published_time":"2023-01-30T09:06:17+00:00","article_modified_time":"2024-09-13T08:31:47+00:00","og_image":[{"url":"https:\/\/images.ctfassets.net\/5natoedl294r\/1nEtqcC5WKNk4YoK0UN1MH\/7efd5f625c24d8cea697a27559eee22f\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","type":"","width":"","height":""}],"author":"versionpan","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"versionpan","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"11 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/01\/microsoft-office-365-security-best-practices-for-business\/"},"author":{"name":"versionpan","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8"},"headline":"Microsoft Office 365 security best practices for business","datePublished":"2023-01-30T09:06:17+00:00","dateModified":"2024-09-13T08:31:47+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/01\/microsoft-office-365-security-best-practices-for-business\/"},"wordCount":2208,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/1nEtqcC5WKNk4YoK0UN1MH\/7efd5f625c24d8cea697a27559eee22f\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","keywords":["2023","NordLayer","Nord Security"],"articleSection":["2023","NordLayer","Nord Security","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/01\/microsoft-office-365-security-best-practices-for-business\/","url":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/","name":"Microsoft Office 365 security best practices for business - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/1nEtqcC5WKNk4YoK0UN1MH\/7efd5f625c24d8cea697a27559eee22f\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","datePublished":"2023-01-30T09:06:17+00:00","dateModified":"2024-09-13T08:31:47+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/#primaryimage","url":"https:\/\/images.ctfassets.net\/5natoedl294r\/1nEtqcC5WKNk4YoK0UN1MH\/7efd5f625c24d8cea697a27559eee22f\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp","contentUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/1nEtqcC5WKNk4YoK0UN1MH\/7efd5f625c24d8cea697a27559eee22f\/Office_365_security_best_practices_cover_web_1400x800.png?w=1400&amp;h=800&amp;q=50&amp;fm=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/microsoft-office-365-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Microsoft Office 365 security best practices for business"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8","name":"versionpan","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","caption":"versionpan"},"url":"https:\/\/version-2.com\/zh\/author\/versionpan\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-gyq","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/63638","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/148637484"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=63638"}],"version-history":[{"count":1,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/63638\/revisions"}],"predecessor-version":[{"id":64213,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/63638\/revisions\/64213"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=63638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=63638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=63638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}