Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
398 views1 page

Office 365 Best Practices Checklist

This Office 365 best practices checklist contains recommendations for securing an Office 365 environment. It suggests finding an experienced partner, requiring multifactor authentication for all users, disabling insecure authentication protocols, blocking access for terminated employees, using unique passwords, enabling audit logging and device policies, and regularly reviewing logs and access reports. The checklist aims to help harden security and reduce risks for Office 365 users.

Uploaded by

balamurali_a
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
398 views1 page

Office 365 Best Practices Checklist

This Office 365 best practices checklist contains recommendations for securing an Office 365 environment. It suggests finding an experienced partner, requiring multifactor authentication for all users, disabling insecure authentication protocols, blocking access for terminated employees, using unique passwords, enabling audit logging and device policies, and regularly reviewing logs and access reports. The checklist aims to help harden security and reduce risks for Office 365 users.

Uploaded by

balamurali_a
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 1

Office 365 Best Practices Checklist

 Find an experienced Technology partner to assist


with navigating Office 365
 Review your Microsoft Secure Score at
 Do not allow anonymous calendar sharing
https://security.microsoft.com/securescore
 Require MFA for all users  Do not allow calendar details sharing
 Disable POP/IMAP/SMTP Auth  Use limited administrative roles
 Block sign-in for terminated employees, forwarding
 Do not allow mailbox delegation
mailboxes, shared mailboxes
 Unique passwords for all users  Turn on sign-in risk policy
 Supplement Microsoft's backups  Turn on user risk policy
 Turn on audit data recording  Enable policy to block legacy authentication
 Block client forwarding rules  Activate mobile device management services
 Set outbound spam notifications  Require mobile devices to use a password
 Require mobile devices to block access and
 Turn on mailbox auditing for all users
report policy violations
 Require mobile devices to manage email
 Consume audit data weekly
profile
 Do not allow simple passwords on mobile
 No transport rule to external domains
devices
 Do not use mail flow rules that bypass anti-spam  Require mobile devices to use alphanumeric
protection password
 Review mailbox forwarding rules weekly  Require mobile devices to use encryption
 Review mailbox access by non-owners bi-weekly  Require mobile devices to lock if inactive
 Require mobile devices to have minimum
 Review malware detections report weekly
password length
 Require mobile devices to wipe on multiple
 Designate more than one global admin
sign-in failures
 Do not use mail forwarding rules to external  Block jail broken or rooted mobile devices from
domains connecting
 Remove mobile device policies that expire
 Designate fewer than 5 global admins
passwords
 Do not expire passwords  Reduce mobile device password re-use

You might also like