Security News > 2020 > May > DHS Reiterates Recommendations on Securing Office 365
An alert the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency published this week reiterates previously issued recommendations on how organizations should properly secure Microsoft Office 365 deployments.
In May last year, the agency issued an alert to highlight some of the common security oversights by Office 365 customers, and also included a series of recommendations on how organizations could improve their security posture.
"While the abrupt shift to work-from-home may necessitate rapid deployment of cloud collaboration services, such as O365, hasty deployment can lead to oversights in security configurations and undermine a sound O365-specific security strategy," CISA notes.
To ensure their Office 365 implementations remain secure, organizations are advised to use multi-factor authentication for administrator accounts Global Administrators have the highest privileges in Office 365 environments), but also for other user accounts, although they do not have elevated privileges.
"CISA encourages organizations to implement an organizational cloud strategy to protect their infrastructure assets by defending against attacks related to their O365 transition and better securing O365 services," the agency notes.