Email is essential to business. Because emails often contain sensitive business and customer data, it’s essential to keep email protected. Moving your email to the cloud, through using Exchange Online, can create concerns about security that the IT team needs to address to reassure business users that the email will remain secure.

Exchange Online Is Secure By Design

It’s important to note that even though you should take steps to protect your data in Exchange Online, even without any action your data is protected against unauthorized access.

First, Microsoft employees do not routinely have access to email in Exchange Online; this is enforced through roles-based access controls and auditing of logs. In addition, for anyone else to access your data, they need to be authenticated through Active Directory.

Second, your data is protected both in transit and at rest. The Office 365 storage is encrypted, as is data transmitted over the network. In addition, you can use Azure ExpressRoute to implement a direct connection to the Office 365 servers. This eliminates the risks that come from using the public internet.

Enhance Exchange Online Security Through Configuration

Although Microsoft takes protecting your data seriously, you should take additional measures to protect against hackers and unauthorized use. Get familiar with the Security & Compliance Center, where you can implement security measures such as multi-factor authentication. Secure Score will evaluate your current configuration and suggest ways to improve security.

Utilize Exchange Online Protection (EOP) to access features designed to keep your email safe. EOP includes anti-spam and anti-malware services to block dangerous emails from entering your servers. Real-time monitoring and policy-based filtering let you see what’s going on and make sure email is processed in compliance with corporate and regulatory policies. Consider creating data loss prevention policies to protect data from unauthorized sharing.

In addition, don’t forget to enable the email protections that you had (or should have had) enabled in your on-site email server. These include Sender Protection Framework (SPF) and Domain Keys Identified Mail (DKIM) to ensure message recipients can trust that sent messages came from your domain. Domain-based Message Authentication Reporting & Conformance (DMARC) adds another level of validation.

Monitor for Threats

Even though you’ve got controls and security configurations in place, you should continue to monitor for threats to your Exchange Online service. Turn on mailbox audit logging to ensure that full user details are logged. Use the Office 365 Threat Investigation and Response tools dashboard and threat explorer to identify threats and track the ones that have been handled.

Prescient Solutions provides complete Office 365 and Exchange Online support to businesses in the Chicago and Schaumburg areas. As a Microsoft Partner, our team of certified experts has the skills to ensure your email is processed safely whether on premises or in the cloud. Contact us to learn more about keeping your email safe in Exchange Online.