With some healthcare organizations looking to facilitate an increased number of users working remotely, many are migrating to Microsoft Office 365 (O365) and other cloud-based productivity and collaboration solutions. Even though rapid deployment of new services may be needed during the COVID-19 pandemic, organizations should still be considering the security and risk impact of implementing these new platforms.

Whether an organization is just beginning deployment of O365, or has already migrated many (or all) of their users to the platform, there are several configuration options that can help to best secure the cloud environment:

  • Multiple levels of administrative access – While Global Administrators in an Azure Active Directory (AD) environment have the highest-level of privileges in O365, there are several other built-in administrator roles that can help to ensure that the principle of “Least Privilege” is followed, thereby reducing the impact if one of the administrator accounts should ever be compromised.
  • Multi-Factor Authentication – O365 has a built-in Multi-Factor Authentication (MFA) solution that will provide an additional layer of protection beyond a traditional username and password. This feature is enabled by default for the Global Administrator account, and should be enabled for all user accounts, administrative or standard. This will help to protect data in the environment from unauthorized access.
  • Unified Audit Log (UAL) – O365’s logging ability can collate all of the events from Exchange Online, SharePoint Online, OneDrive, and several other O365 services. This feature will help administrators investigate user activity that may be malicious or outside of organizational policy.
  • Logs that can be integrated into a SIEM – With UAL enabled, integrating the O365 logs into your existing SIEM or taking advantage of a new solution such as Azure Sentinel is critical. Metrics, reports, and alerts can be configured to process the data from the logs and help identify anomalous activity as early as possible.
  • The Microsoft Secure Score – O365 includes a built-in tool to measure an organization’s security posture, based on the products and services included in their license. This tool provides additional recommendations that can help track and prioritize security and compliance changes in a centralized dashboard.

Understanding the impact that any new system being implemented in an organization’s Information Security environment will help ensure the security of the existing systems and data. When migrating to O365 or any cloud-based solution, an organization should always work with the vendor to determine how they can best secure the new system.

For further guidance on COVID-19 related security precautions, request a free consult.