The Best things to do with Microsoft 365
Manage your email security - WST

Here are some simple steps that can be taken to improve your security posture as it pertains to malware and email.

Stop your users and threat actors from auto-forwarding email. In this scenario, a disgruntled employee or threat actor can use email to exfiltrate massive amounts of data using legitimate email accounts configured to forward email to an external email address. This is generally possible if credentials are phished from a user or otherwise nefariously obtained, and/or MFA is compromised or not in place. To block email forwarding, visit the Exchange Admin Center and add a mail flow rule with a condition and action to block any auto-forwarded email to an external email address.

Another approach to protecting against malware is to limit the types of file attachments allowed in email accepted by your Exchange Online instance. To configure these settings, go to the Exchange Admin Center and add a mail flow rule that either blocks email or warns users of email that have macro-enabled email attachments, as well as other executable file types. This includes, but is not limited to, .bat, .cmd, .com, .ht, .hta, .reg, .url, .vbs, .exe, and so on.

If you’re not aware, Microsoft 365 Exchange Online hosted email comes with malware protection. You can review how well this protection is working through the Security & Compliance Center Threat Management admin portal at https://protection.office.com Simply viewing the dashboard will provide administrators with recommendations to enhance security, and baseline security policies can be configured for a standard or strict security approach. Additionally, administrators can make customer policy decisions to tailor email security to the institution.

This concludes our series of Microsoft 365 tips. We hope you found something helpful! If you are at all interested in having some help assessing your 365 security, let us know.

Authored by: Mike Smith, AWS-CCP