I am pleased to have participated in and been named a co-editor of the most recent release (version 1.1) of the Center for Internet Security Microsoft 365 Foundations Benchmark. Sharing SecureSky’s extensive O365 incident response experience and security controls recommendations to give back to the O365 security community was a great opportunity.
The CIS Microsoft 365 Foundations Benchmark provides prescriptive guidance for establishing a secure configuration posture for Microsoft 365. The guide includes recommendations for Exchange Online, SharePoint Online, OneDrive for Business, Skype/Teams, Azure Active Directory, and Intune. In addition to general maintenance updates for PowerShell, API, and reference information, the major changes that are part of the 1.1 release include:
- A new subsection under Account/Authentication, focusing on Azure Active Directory. This subsection covers disabling insecure authentication protocols and enabling strong authentication. CIS, SecureSky, and Microsoft are highly focused on ensuring that customers take advantage of security capabilities in Azure Active Directory, as reflected in this Benchmark and Microsoft's new Security Defaults initiative (https://techcommunity.microsoft.com/t5/azure-active-directory-identity/introducing-security-defaults/ba-p/1061414).
- An increase in the number of Benchmark security checks, including checks related to Exchange MailTips that can help users identify emails that are being sent outside of a tenant.
- License level applicability to help readers understand security controls that are applicable to their current Office 365 licensing level, as well as additional controls that are available with additional licensing.
The CIS benchmark, threat intelligence, and other security controls are all essential to the protection of O365 environments from ongoing attacks. Working with this distinguished group of security professionals, including Microsoft representatives, gives our team the ability to share and access an incredible amount of security and product knowledge to assist our customers and all CIS members in assessing risk and strengthening their O365 environments.
In addition to the recent release of the updated O365 Benchmark, CIS recently ran a survey asking its community about other leading SaaS platforms they used. As CIS expands its benchmark coverage for such products as Salesforce, Dropbox, G Suite, WordPress, Slack, Intuit and other leading products, SecureSky will look to provide additional security guidance, as well as keep you up to date via our blog. The product team at SecureSky will continue to work with the talented team at CIS. In fact, we are already knee-deep in the next O365 Benchmark that should come out later this year.
Again, you can get the full Benchmark guide here for free, and we urge you to read it in detail and use this step-by-step checklist to help in securing your Microsoft Office 365 environment. If you need further assistance or want to talk to an O365 security expert from SecureSky, please contact us.
SecureSky has extensive experience helping clients secure and monitor Office 365 environments. To learn more about some of the work we have done for clients, and recommendations for improving Office 365 security, please see our website and Blog Series on Office 365 Business Email Compromise here.