New checklist to secure Microsoft Office 365 now available from CIS Benchmarks™

By Brandon Cox

Anyone planning to develop, deploy, or secure solutions that incorporate Microsoft 365 should download the latest version of the Security Configuration Benchmark for Microsoft 365. Not everyone knows these free guides from CIS Benchmarks exist. The newest version was published on December 20th and provides prescriptive guidance for establishing a secure configuration posture for Microsoft Office. The guide includes recommendations for Exchange Online, SharePoint Online, OneDrive for Business, Skype/Teams, Azure Active Directory, and InTune. In addition to general maintenance updates for PowerShell, API, and reference information, the significant changes included in this 1.1 release are:

  • A new subsection under Account/Authentication focuses on Azure Active Directory. This subsection focuses on disabling insecure authentication protocols and enabling strong authentication.
  • An increase in the number of Benchmark security checks, including checks related to Exchange MailTips, which help identify emails sent outside of a tenant.
  • License level applicability to help readers understand security controls that apply to their current Office 365 licensing level, as well as additional controls available with additional licensing.

The CIS benchmark, threat intelligence, and other security controls are all essential to the protection of O365 environments from ongoing attacks. Get the full Benchmark guide here for free.

CIS Benchmarks states they publish the only consensus-based, best-practice security configuration guides both developed and accepted by the government, business, industry, and academia. I am pleased to have participated in and been named a co-editor of this latest version. It gave our team the ability to share and access an incredible amount of security and product knowledge to assist our customers and all CIS members in assessing risk and strengthening their O365 environments.

I urge you to read the Benchmark in detail and use this step by step checklist to help in securing your Microsoft Office 365 environment. If you need further assistance or want to talk to an O365 security expert from SecureSky, please contact us.

Brandon Cox is Director of Product Architecture at SecureSky Inc, a cloud security services company focused on securing client cloud environments against current and emerging threats. With over 10 years of technology engineering experience, Brandon continues to contribute to the collaboration at the Center for Internet Security.
Follow Brandon on LinkedIn.