Microsoft 365 productivity security

Best Practices from Microsoft 365 Experts

Microsoft has been biggest beneficiary of the shift to remote work as thousands of businesses adopted its Microsoft 365 platform to support employees. When the pandemic hit in March 2020, organizations scrambled enable employees to work remotely. Fast-forward one year and Microsoft announced that as of March 31, 2021, Teams has 145 million daily active users (DAU).

As the digital workplace accelerates and the enterprise shifts towards a hybrid workplace, it is more important than ever before for organizations to optimize their Microsoft 365 environment. IT professionals responsible for managing their organization’s Microsoft 365 environment are critical to helping drive business success in today’s global business landscape.

Following are five best practices for harnessing the full power of your Microsoft 365 environment from leading Microsoft 365 professionals.

Best Practices of Highly-Effective Microsoft 365 Professionals

Here are five practices of highly-effective Microsoft 365 professionals for admins and IT leaders to incorporate into their own processes.

1. Protect your admin accounts

Gartner reports that 80% of all data breaches involve a privileged identity. To protect your system from hackers, start by focusing on protecting your accounts.

The following steps are key to helping keep admin accounts secure.

  • Limit the number of admins – Choosing the right number of admins for your organization is a little like Goldilocks and the Three Bears. Too few admins and you risk losing access in the event that an account is compromised. Too many admins and the greater the risk of an account getting hacked. While there’s not an optimal number for how many Microsoft 365 admin accounts an organization should have, experts generally agree that two to four admins are just right.
  • Use dedicated accounts – Have a separate, dedicated account just for administrative activities that require the highest security permissions – and log in only when needed.
  • Require strong authentication – A strong password is good, but multi-factor authentication is a must in today’s sophisticated threat landscape. Use secure methods for your second factor, such as authentication apps or key fobs.

2. Apply and Verify Policies

An IBM study revealed that 85% of reported breaches are due to misconfiguration. The number one reason for misconfiguration is lack of visibility, which is no surprise considering there’s no easy way for admins to view and manage all their system’s policies. Fortunately, there are SaaS management tools that can help alleviate this critical pain point for IT professionals.

Here are some important features to look for when choosing a SaaS management solution for your organization:

  • View all user configuration settings through single pane-of-glass view
  • Browse, query and detect misconfiguration (Bonus if it can also repair misconfigurations)
  • Enforce Least Privilege Access to ensure that each admin account has exactly the right permissions required for the user to do their job
  • Exception management that enables the configuration of allowed exceptions, saving busy IT professionals valuable time
  • Automated policy enforcement
  • Risk-based password management (Bonus if it also includes the option to assign a password policy to each risk level)
  • Benchmarking abilities that enable you to compare your system’s policies to the policies of the Center for Internet Security (CIS) benchmarks for Microsoft 365 (Bonus if it can also monitor and enforce CIS benchmark controls)

3. Strategically Manage Tenants

A single-tenant system where everything is in one big pool is especially vulnerable to security breaches. The alternative is a multi-tenant system, where each department, division, or other group has its own separate Microsoft 365 operating space. A multi-tenant setup provides total segregation and maximum security, but limits productivity and collaboration. It also increases the administration and management burden and lowers transparency because admins are constantly switching systems.

Now there’s a way to strategically manage tenants so you don’t have to choose whether to use a single-tenant or multi-tenant organization. Strategically managing tenants allows you to segment your single tenant into groupings called virtual tenants. Each virtual tenant can consist of a custom-selected group of users, groups, devices and even telephone numbers. An administrator can be assigned to work with a certain virtual tenant (or a group of virtual tenants), as well as view reports and statuses for each of the virtual tenants under their purview.

4. Optimize License Usage

CoreView research shows that 56% of all Microsoft 365 licenses are not fully utilized because they are unassigned, unused, over-sized or underutilized. This inefficiency wastes IT dollar that could have been spent on something that provided a return on investment (ROI).

Auditing license usage is effective but very tedious and time-consuming. Use a SaaS management solution that can automate this process and deliver reports that show you which accounts are inactive, not fully utilized, or unassigned, so you can spend time doing more strategic business tasks.

5. Automate Basic Processes

When IT professionals spend all their time doing basic, routine processes, they don’t have time for anything else and things fall through the cracks, which creates security risks – not to mention increases employee turnover. In today’s hybrid workplace where IT professionals need to focus their attention on more strategic business issues, automating basic IT processes is a requirement. Nowadays there are many IT processes that can be automated, extending well beyond provisioning and deprovisioning licenses. Wherever you find a tedious task that drags down IT productivity, look for a way to automate it so it’s performed quickly, reliably and accurately.

It’s not enough anymore for an organization to just have Microsoft 365. To succeed in the modern business landscape, organizations must continuously optimize their Microsoft 365 environment. IT leaders are doing more than ever to manage complex deployments, empower users, save money, and keep their workplace secure. These proven best practices from highly-effective Microsoft 365 professionals enable IT professionals to help empower employees, improve IT efficiency, maximize SaaS ROI and mitigate risk.

Scroll to Top