I recently wrote about why businesses love cloud technology [and Microsoft Office 365]. When you boil the reasons down, they’re pretty straightforward: Businesses, no matter how big or small, turn to cloud-based platforms like Office 365 because they’re good investments. The costs are low, the functionality is high, and the result is a more efficient, collaborative workforce supporting a company with a stronger bottom line. Easy enough, right? Well, not so fast—while the business case is obvious, IT teams are often left to handle the brunt of the migration process. And, as with any tech adoption, migrating to Microsoft Office 365 can come with security challenges. Here’s how your IT team can mitigate those risks.
But First, the Existing Office 365 Security Features
Before I break down the steps an IT team can take to mitigate risk, it’s important to understand the features already built-into the platform. I don’t want to spend a lot of time here, but mentioning the security functionalities will be helpful as context around our later discussion.
Depending on the plan your organization has purchased, Office 365 comes with basics like data loss prevention, a failsafe that is intended to stop confidential or sensitive information exiting the business in an email. Of course, that email data is also encrypted, the importance of which industry expert Nikola Todev recently broke down for us on Converge in this post: How to Tech Guide: Encryption for Data Security. There’s also advanced threat analytics, a data analytics tool that, as part of the separate Security and Compliance Center within the Admin Center, provides security management tools like customized alerts and machine learning-backed suspicious behavior detection.
Finally, in the event of an incident when time is of the essence, the Admin Center clearly prioritizes incidents versus advisories and provides details, history, and workaround solutions to empower IT teams to act quickly to protect the interests of their organization.
Those just a few of the built-ins and features of Office 365 that help you prioritize and maintain data security in Microsoft’s Cloud. As we all know, risks can and will still arise, especially when you’re coming from an old system or series of systems. Now, let’s explore best practices for mitigating those risks.
Three Key Best Practices for IT Teams Migrating to Office 365
To keep your data secure and your team running smoothly after an Office 365 migration, consider the following tips:
- Account for gaps in Exchange Online Protection (EOP). Office 365 boasts EOP, what it calls “multi-layered, real-time anti-spam and multi-engine anti-malware protection.” That’s a mouthful—a powerful mouthful, as those capabilities are certainly robust. While EOP does provide email protection, it might not provide enough to filter advanced attacks, such as targeted phishing initiatives or other persistent threats. Why? EOP uses existing data to pinpoint and block threats, so new or more sophisticated attacks that use different data sets can slip through the cracks. Your IT team should strongly consider an additional hygiene solution to compensate for this lapse in EOP’s capabilities. The choice will undoubtedly fall back on either a separate cloud-based or on-premise solution, so be sure to weight all factors of each thoroughly before opting for a secondary security service.
- Have a backup plan. A benefit of Office 365 is that it is essentially a one-stop-shop for your business in terms of workflow, collaboration, storage, data analysis, and much more. The downfall, ironically, is the same. What happens if this “one-stop-shop” goes down? Cloud providers have been known to fail at times, and preparing for such an event is critical part of maintaining both the security of your data and the productivity of the business during downtime. Choose a third-party solution that can not only provide backup in the case of an incident, but one that can also sync quickly back in-step with Office 365 when the issue is resolved to avoid compatibility issues or data loss.
- Don’t overlook mobility concerns. Yes, Office 365 works on mobile devices—a huge plus, especially as bring your own device (BYOD) policies become increasingly practical. However, take care not to assume every device features the same level of interoperability, as some simply align better than others. If the mobile platform used by your team members is not a mobile platform supported by Office 365, you will either have to reconfigure those devices or opt for a mobile data management solution.
Risk accompanies any technology adoption, but the bigger risk is getting left behind as a result of your organization’s failure to embrace digital transformation. The answer isn’t avoiding progress, but rather taking smart steps to optimize the security and performance of your data in the cloud.
To learn more about IT’s role post-migration to Microsoft Office 365, I encourage you to watch this insightful webinar that walks you through, among other things, the best way to use the Admin Center of the platform—your home base for anything and everything data, user, or security related. If you’ve invested resources into the platform, this is worth a brief investment of your time to make sure you’re utilizing it to its fullest extent. Watch now: Role of IT After Migrating to Office 365.
If you’ve migrated to Office 365 from one or a series of legacy systems, what IT challenges and security concerns have you faced, and how have you worked around them? Do you have advice for those just beginning the journey? I’d love to hear your thoughts.
This post is sponsored by Microsoft Office’s Small Business Academy. All thoughts and opinions are my own.
Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”