From cybersecurity to information security: how to get the best out of Microsoft 365

by Henry Bisilliat Donnet - Information Management Consultant
| minute read

We all want to be in control of our organisation’s information. We want to make sure it’s used correctly so that it increases staff efficiency and helps to reduce costs. Thankfully Microsoft 365, or M365 for short, makes it easy to take control and align your business and legal requirements. But how can you get the best out of Microsoft’s cloud-powered productivity platform? Before you start implementing your security and compliance rules, let’s first look at the main tools M365 has to offer in this area.

Security is becoming a bigger challenge in our increasingly digital world. It not only protects our environment from unauthorised people entering it (cybersecurity), but also allows you to protect your information from within by limiting access to and sharing of that information (information security).

Cybersecurity tools

To protect your organisation from cyberattacks, ransomware, and spyware, Microsoft Defender provides anti-phishing, anti-spam, and anti-malware protection tools within M365. It enables you to detect and prevent attacks across your identities, endpoints, email, and data. This is all managed from a central dashboard. Keep in mind, however, that not all Microsoft Defender services are free. Microsoft Defender is available in four areas: Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps, and Defender for Identity. These can be used separately but they work best together, providing integrated protection across the whole of your M365 environment.

Microsoft also offers a combined solution for security information event management (SIEM) and security orchestration automated response (SOAR): Microsoft Sentinel. This solution provides alert detection, threat visibility, proactive hunting, and threat response.

You should also take a close look at Microsoft Security Pilot, an AI-powered security analysis tool that allows analysts to respond more quickly to threats, process signals at machine speed, and rapidly assess risk exposure. Security Pilot also integrates with all the other Microsoft Security solutions: Defender, Sentinel, Purview, Entra, Priva and Intune.

Information security tools

To protect your information internally, Microsoft Purview allows you to apply the need-to-know rule, meaning that you provide the right information, at the right time, to the right people only.

By combining Microsoft Purview with Microsoft Entra ID, formerly Azure Active Directory (Azure AD), you can manage access to your information with user IDs, Groups and set sensitivity levels and information protection rules.

Again, using a central dashboard within the Purview compliance portal you can employ a wide range of information security solutions such as App Governance, Data Lifecycle Management, Data Loss Prevention, Information Protection, Privacy Management, Insider Risk Management, eDiscovery, Auditing, and Data subject requests (DSR). These solutions allow you to manage and control access management, data classification, sensitivity labelling, personal information protection, retention policies, labels, etc.

Finally, Purview governance portal lets you create a holistic, up-to-date map of your data landscape. To make it even easier, parts can be automated, so the system is working for you to detect flaws. It even advises what your next steps should be to eliminate these flaws. And as your information governance is centralised in a single dashboard, it’s easy to perform various kinds of tracking and run audit reports as proof of compliance.

So there you have it: a comprehensive productivity platform with plenty of security tools and governance options that can work separately and together. But how do you use that system to align your organisation’s business and legal requirements? Read my next blog post to find out!