Securing access, protecting data: corporate practice for Microsoft 365

Published by: MRT

Published on:

Securing access, protecting data: corporate practice for Microsoft 365

Many companies use Microsoft 365, but because of the US cloud connections, the Office package is also controversial. In no case should companies rely on the security measures of the provider, as Inés Atug explains in the new iX 7/2021, because quite apart from the potential conflict of interest, Microsoft does not know what specific security needs a customer has.

And even this often first has to familiarize himself with the topic of cloud security. This is where the ISO 27017 sub-standard from the ISO 27001 family helps: It offers the customer and provider important guidelines that administrators can use to make the correct security settings. Central points are the access control and the user rights – because if these are configured correctly, they significantly limit the possibilities of an attacker.

In addition, those responsible must constantly keep an eye on Microsoft updates. As is typical for the cloud, the developers constantly deliver new functions, delete features or introduce new settings for administrators. As a rule, however, Microsoft announces all of this and the documentation for the 365 package is also well maintained. Nevertheless, new vulnerabilities quickly emerge, for example through phishing via forms – if the application is to be used, employees have to be sensitized accordingly.

The admin tools are just as extensive: Microsoft does not offer a central console, but rather hides many settings in different interfaces. System administrators will find in the JulyiX also an overview of all tools and the most important configurations. Further topics of the new issue are the data analysis of the social network Reddit with Python, the app programming practice with Android’s new UI toolkit Jetpack Compose and the recently ennobled Internet standard QUIC.

More from iX magazine

More from iX magazine

More from iX magazine


(fo)

Disclaimer: This article is generated from the feed and not edited by our team.