Posts

How to Secure Office 365

How to Secure Office 365

Office 365 Exchange Security Best Practices

Using Office 365 is a simple way to get all your employees on the same page. Of course, having a service that is accessible both in the office and on-the-go, means security is an even bigger consideration. How do you ensure your company’s Office 365 service is secure? How to secure Office 365 ?

Microsoft has built-in security tools to help keep unauthorized users out. While most of these features are available to every account holder, it must first be enabled. They are not turned on automatically.

Multi-factor Authentication

All Office 365 accounts use a single log-in to access email and cloud services. This simplistic approach makes it easy for the user; it does make it easy for an outsider to break into multiple accounts. Chances are, once they are in one employee account, the easier it is to get into another employee’s account.

To better protect your accounts, you can turn on multi-factor authentication for each of your employees.  To do so start by signing in to your Office 365 and go to the Office 365 admin center.

  1. Navigate to Users and select Active Users.
  2. In the Admin center select, More and Setup Azure multi-factor auth.
  3. Find the users you want to enable multi-factor authentication. If necessary, change the view at the top to see all your users.
  4. Check the box next to users whom you want multi-factor authentication enabled.
  5. On the right-hand side, select Enable.
  6. In the new dialog box, click enable multi-factor auth.

Now, users can set up two-factor verification.

Two-factor Authentication

After turning on the multi-factor authentication, you must set up the two-factor verification service. This feature requires that you enter an additional code upon signing into browser based accounts. The randomly generated code comes via text message, phone call, secondary email, or through a Microsoft Authenticator app.

Each employee logs into their account to start the process after the multi-factor authentication.

  1. Once logged in, select Set it now.
  2. Choose the authentication method that best suits you and follows the prompts.
  3. Once finished, Micorsoft prompts you for the secondary code the next time you log. You receive the code via the method chosen during setup.

You can choose multiple verification methods, which is recommended, in the event you cannot access your conventional method.

Setting Up App Password

Once the multi-factor authentication is enabled, you can allow your employees to create application passwords for your different apps. If they are using a non-browser application such as Outlook, you must have a particular app password to log in, not your traditional password.

Office 2016 administrators also have the option of setting up a two-factor authentication for their users. When using a two-factor authentication, non-browser applications require individual passcodes.

To set up an app password:

  1. Login to Office 365, you must use both your password and verification code.
  2. Choose to set and then Office 365
  3. Select Security and Privacy, then Additional security verification.
  4. On the Addition Security Verification page, choose “update my phone numbers used for account security.” This option brings up the page with the app password setting.
  5. Select app passwords at the top of the page
  6. Click on create. Microsoft generates a random password.
  7. Copy the password to clipboard; you do not need to memorize or write it down.
  8. Open the application needing the password.
  9. When prompted, paste the passcode into the password box. Make sure you check the “remember my credentials” box before clicking OK.

Once stored, the application saves the app password in memory. Anytime you change your account password you need to regenerate a new app password for each application.

Microsoft offers limited backup support for Office 365 services. While maintaining high-security protocols, such as multi-factor authentication, can help protect files, having a backup service such as CloudAlly in place can ensure you never lose important documents.

View CloudAlly backup for Office 365 Solution Case Study.

How to Recover a deleted Item in Office 365

How to Recover a deleted Item in Office 365

(and) Why Microsoft Recycle Bin Is Not a Backup Option

It is very easy to select a group of emails to discard only to discover later you have clicked on one that you needed to keep. Sometimes you catch it immediately and can quickly reverse what you just did. Sometimes, you don’t notice it is gone for a few days, maybe even weeks. This guide shows you how to recover deleted items in Office 365 and why their system is quite limiting.

Using Recycle Bin

Most Microsoft users are familiar with the recycle bin, also known as the deleted items folder. This temporary holding destination stores data deleted from the account for 30 days or the time limit set by the administrator. During this time, if the bin is not emptied by the user, how to recover a deleted item in Office 365, is simple.

  1. Click the Deleted Items folder
  2. Find the file you need
  3. Right-click the document, select Move and Inbox to return the file.

If you are using an Outlook program on your computer, instead of accessing Office 365 exchange directly from the web app, you must select Move and then Other Folders before choosing Inbox.

In addition to retrieving deleted messages and attachments, use the deleted items folder to retrieve contacts, events, or tasks. The steps are the same, the only difference is instead of moving data to your inbox, choose contacts, calendar, or tasks for appropriate placement.

Using Recoverable Items Folder

By default, Microsoft Exchange purges the Deleted Items folder every 30 days. If it has been more than a month since you deleted the file, you no longer have the option to recover it from the deleted items folder. However, Microsoft does offer a limited recovery option in their Recoverable Items folder.

To recover items from the Recoverable Items folder

  1. Right-click Deleted Items and select Recover deleted items from the menu
  2. Search for the file you wish to recover
  3. Select file and choose Recover

Unlike recovering from the recycle bin, these files automatically return to their default location, i.e. messages go to the user’s inbox, events go to the calendar and so forth.

Items only remain in the Recoverable Items folder for 14 days. After this time, the files are no longer accessible by you. In some cases, the Office 365 administrator may have access to deleted files after the retention period.

Limitations of Relying on Office 365 Exchange

While Microsoft’s built in recovery may seem like enough, the limitations offered make it a less than desirable choice for long term retrieval. Some of these limitations include:

Why Microsoft Recycle Bin Is Not a Backup Option

  • Limited retention time. The deleted items folder only retains files for 30 days, the recoverable items folder only holds files for 14 days.
  • Manual deletion can affect recovery. Users can empty deleted items folders or purge recoverable items folders. If this happens, reclaiming lost files is impossible.
  • Limited storage. Most Office 365 email accounts have a limit of 50GB, including data in the recycle bin. Users with an Enterprise E3 or E5 service have a limit of 100GB.
  • Recovery limited to original user. If a user deletes a file and another user needs that message, there is no way to transfer it directly to the second user. First, you restore it to the original user and that user must send it to the new person. Not a difficult process, but a frustrating middle step for all involved.

There is a better way to ensure your Office 365 files remain retrievable.

Office 365 Recovery Solutions

Microsoft’s recycle bin is not a true backup solution. It’s intended use is to help you recover items accidentally deleted within a short time frame. CloudAlly is a permanent back up option that gives you full access to information from your Office 365 account, regardless of when it may have been removed.

Files stored within CloudAlly from a connected Office 365 account, remain indefinitely. There is no method for end users to access their storage and manually alter or delete data. Administrators can, however, removed user accounts from backup if necessary.

Unlike the Office 365 deleted items folder, CloudAlly allows you to recover messages, events, contacts, and tasks from any period, not just the last 30 days. Administrators have the option of restoring messages back to the original owner, restore to a new user, or export the file in a compatible PST format.

How to recover a deleted item in Office 365 from CloudAlly is very simple. After logging into the CloudAlly account, navigate to the Restore and Download page by selecting the link on the left side of the screen.

  1. Select the account from which you need to restore data. Then select the user.
  2. If you want to search for a specific email, contact, event, or task, choose Via Item Search.
  3. Select the type of file.
  4. Fill in the search bar with one of the following:
    1. Email sender
    2. Email subject
    3. Contact name
    4. Even title
    5. Task title
  5. Click Search
  6. Select the required file from the list and click Restore.
  7. If you wish to restore this item to a different use, change the email address in the Restore box to the appropriate user email. Otherwise, leave the address as is and click restore.

You can also choose to download the files instead. You can export mail files as Outlook compatible PST format or standard EML, VCF, or ICS.

Once complete, the you receive an email informing you of the restored item.

View this video demo on: How to recover deleted items in Office 365

Office 365 does not recommend relying solely on the recycle bin for backup support. Instead, you need to have a third-party automated backup solution in place to ensure you never lose an important email or attachment. CloudAlly’s Office 365 backup service runs automatically to save valuable information daily. Seamlessly restore missing messages, contacts, or events with just a few clicks of a mouse. Give us a try for 15 days free.

Office 365 administrator

Getting started – Office 365 administrator

Best Practice Guide: For the Office 365 beginner admin.

office 365 administratorAfter you adopt Microsoft’s Office 365 as part of your company’s operations, you have to choose an administrator to run the day-to-day. As an Office 365 administrator, it’s your job to know what your employees are doing in Office 365 each day, answer any questions about the software, and ensure that it continues to run smoothly within your organization. It’s a job that has a lot of moving pieces, and it can be hard to keep up to date.

By following these Office 365 administrator best practices and using some of the tools that we recommend, you can ensure that you stay on top of everything.

  1. Utilize – Office 365 Administrator – Usage Reports

As an Office 365 administrator, it is extremely important to know how your users are interacting with Office 365. That’s where Activity Reports are beyond helpful. These varied reports can tell you exactly what each user is up to within their account and within your organization as a whole.

Out of all the reports, you’ll most want to pay attention to Email Activity, OneDrive for Business usage, and SharePoint activity. These reports provide you with an activity overview while also allowing you to drill down into more granular insights about the activities specific to each product.

In particular, the Email Activity report lets you determine trends in the number of emails sent and received by your users. This will help you determine if there are unauthorized users or if someone has been using one of your Office 365 email addresses for personal use or to steal data. For OneDrive and SharePoint, the reports let you see if there’s a spike in data stored or deleted that could indicate unauthorized access or inappropriate user usage. The key is to investigate any strange activities.

Take a look at this video by Microsoft Ignite about the new Office 365 usage reporting to learn more about what you can do.

  1. Become and Expert on Office 365

Another Office 365 administrator job is to be the touch point for your entire organization. Your employees might expect you to know everything about the product, including how to navigate it and use all the little-known features, which can be found in this tips and tricks video.

However, there’s also a specific community just for Office 365 administrators to communicate with each other: the Microsoft Tech Community. This is a public forum that allows you to connect with other administrators to ask questions and get answers about how to accomplish a variety of Office 365 administrator tasks. It’s an invaluable tool for helping you keep up with best practices.

  1. Protect Your Office 365 Data

Ultimately, the best Office 365 administrator tool that you have in your pocket is a backup and restore solution such as CloudAlly. This is because Office 365 doesn’t protect you from malicious activity, data corruption, or empty recycle bins, all of which can cause you to permanently lose data with no chance of recovery. Eventually you’re going to lose data—employees make errors—but an automatic daily backup with a secure, third-party solution can keep all of your critical data safe.

CloudAlly’s Office 365 backup is incredibly simple to setup and offers unlimited storage for all your mail, calendars, contacts, tasks, as well as your SharePoint team sites, public sites, private site collections, and OneDrive for Business sites. No matter if you face an error or an attack, CloudAlly can keep you safe and as an Office 365 administrator, that’s your number one goal.

Being an effective Office 365 administrator doesn’t have to feel like an impossible task. All it takes are a few tools and best practices to provide your organization with everything it needs.

hipaa compliance software – Office 365 HIPAA

Office 365 – HIPAA Compliance Software

hipaa compliance softwareProtected health information is an important subject in the technological age. The use of mobile devices such as smart phones and tablets make it more consequential for companies to have protections in place. With the use of online services, like Office 365, HIPAA compliant takes on a new level of complexity. Not only does your business must have regulations and safe practices in place to protect sensitive data, but the online service must have HIPAA compliance software measure as well.

The IT manager can easily be confused by which services have the proper protections in place to help safeguard data.  A quick search and hundreds of names appear, all claiming to have the certifications necessary to meet your needs. While many do, not all are as compliant as they pretend to be. So, one wonders is Office 365 HIPAA compliant?

Certified to Protect

Microsoft has robust security features necessary to help protect information stored on their servers. The company offers two-factor security authentication to help keep your accounts secure. In short, Office 365 is HIPAA compliant.

As an Office 365 user, there are some things you must do to take advantage of their compliance standing. All companies using Office 365, must complete a business associate agreement, or BAA, with Microsoft. Once in place, Microsoft, for their part, will do everything in their power to ensure your protected health documents are secure.

Configuring Office 365 Email

After signing a BAA, Microsoft helps you set user emails to comply with HIPAA regulations using the Exchange Online Protection program. Only administrators can configure these settings, as they are reached from the Exchange Admin Center page.

Once on the Admin page, select Compliance management, then select Data Loss Prevention. From here click on the “+” sign and select New DLP policy from the template. Scroll until you find HIPAA and choose template.

By default, Office 365’s HIPAA rules scan messages for Drug Enforcement Agency (DEA) number and Social Security numbers. However, if you need more coverage, you can add:

  • US Passport number
  • US Bank Account
  • US Driver’s License
  • US Individual Taxpayer Identification number

To add any of these items to your HIPAA configuration, just select them on the template. You can also customize rules to add fields such as Date of Birth.

Once enacted, Microsoft scans each email for selected sensitive information. In the event of an incident, Microsoft reports it as dictated by their standard notification procedures to the system administrators.

Office 365 HIPAA Compliance Is Not Enough

Using an email service that is HIPPA compliant, like Office 365, is not sufficient. Microsoft is only responsible for maintaining security on their end of the agreement. It is up to business owners to use best practices to protect customer information and comply with HIPAA regulation.

Adding two-factor security authentication is just one step to help protect your files in an HIPAA regulated situation. Using encrypted email when sending data contributes to protecting your customers from potential information loss.

Another step you can take is limit who on your staff can send emails concerning patient information. Limiting who can access and edit client files is also another way to protect sensitive data.

Patient consent forms, which must be signed for health information to be shared with anyone other than the patient, are the responsibility of your office. Microsoft does not take responsibility for this document. It is up to your staff to obtain and retain written permission. Under HIPAA regulation, this agreement is obtainable via email. However, you must inform the patient of any potential risks they may have using email to communicate sensitive data.

Properly managing where protected health information is the most important thing you can do to maintain HIPAA regulation. While mobile devices often come with Office 365, it can only help to increase the risk others gaining access to patient information. Misplaced laptops and cell phones can lead to stolen documents if saved internally.

Having a cloud backup in place can act as a barrier to malicious data loss. Storing information in the cloud keeps it from being stored on the hard drive of a mobile device that is easily lost. However, if you choose to store your information in the cloud, make sure your backup service is HIPAA compliant to adhere to government regulation.

CloudAlly is certified ISO 27001 and is thoroughly HIPAA compliant software. We offer business associate agreements with all clients who ask for them. Our Office 365 backs up email, calendar, tasks, and contact data.

Try us free for 15 days, no credit card required to sign up

OneDrive Online Backup Video

Introducing Our OneDrive Backup Video 

Microsoft OneDrive is a cloud storage solution that allows you to get access to your files anywhere, on any device. It’s an incredible tool that enables you to share your content and work together with anyone in your work and life. No matter where you are or what you’re doing, OneDrive makes it easy to access and share your files and photos for seamless communication and collaboration in your personal life and business.

There’s just one problem, with endless collaboration opportunities, you open yourself up to potentially sticky situations. For example, what if one of you delete a document and empty the recycle bin, by mistake? That’s where a cloud backup and restore solution is key to your business’ success.  OneDrive data can be accidentally or maliciously deleted or corrupted, and is vulnerable to ransom-ware attacks.

You can’t afford to lose file and documents that are vital to your entire organization without a way to recover it. The good news is that, in just a few minutes, you can set up CloudAlly to protect your OneDrive data with automated daily backups.

CloudAlly’s backup solution is compatible with all business plans. No matter how many employees are in your organization or how much data you create and modify on a daily basis, CloudAlly can protect your company data with a backup solution hosted in secure Amazon S3 storage. And as an added benefit, CloudAlly gives you the ability to keep track of all your OneDrive backup activity. So, you can see exactly what’s going on.

About Our OneDrive Backup Video Demo Video

In our newest demo video, we show you how easy it is to start protecting Microsoft OneDrive for your company. Activating your CloudAlly backup is simple, safe, and can be completed in just a few easy-to-follow steps. You’ll notice how user-friendly our software is as well as how many options you have for customizing your backup solution.

Let our two-minute activation video take you through the step-by-step process of backing up your OneDrive cloud storage solution, so you can sit back and relax knowing that your data is safe and that you can restore like an expert. We cover everything from:

  • Correctly setting up your OneDrive backup using a user name and password that has global admin rights.
  • Gathering your OneDrive URL, which will be https://tenantname-my.onedrive.com
  • Choosing which sites you’d like to backup, you can activate backups for all sites with a single click, or selectively activate backups as needed.
  • Checking the appropriate backup preferences including “automatically detect and activate new accounts,” scheduling, etc.
  • Picking a friendly name for each backup
  • And, indexing your archived data.

And if you’re still concerned about using CloudAlly’s OneDrive backup solution, don’t forget, we have a risk free 15-day trial available! We want to show you how easy it is to protect your data from all threats no matter the problem.

Don’t choose software to protect your data that you haven’t seen in action. Choose CloudAlly as your OneDrive backup and restore solution, and rest easy knowing that you’ve already seen how it works and don’t have to worry about hidden processes or errors.

When you’re ready to know more, contact CloudAlly by calling +1.917.338.0385 or filling out our Contact Form. We can’t wait to work with you to keep your OneDrive data safe and sound.

View the MS OneDrive video demo to see how easy to use, secure and reliable CloudAlly’s MS OneDrive

MS Office 365 Backup Video

Introducing Our Office 365 Exchange Backup Demo Video

Take control of your Office 365 Exchange data with CloudAlly. Our automated daily backup services ensure that you always have access to your data and that you can restore and recover your data at any point and from any point in time.

Our backup services are compatible with all Office 365 plans and features including Mail, Calendar, Contacts, and Tasks. It’s simple and easy to backup your Office 365 data with CloudAlly, and our newest demo video we’ll show you exactly how uncomplicated the process is.

About Our Office 365 Backup Video Demo Video

Everyone always claims that their software is “easy” and “simple” and “requires little to now time to set up.” The problem is that many of these claims are false, but you don’t realize you’ve been duped until you’ve made the commitment.

That’s why we’ve decided to prove how convenient it is to use CloudAlly as your Office 365 backup and restore solution. We’re removing the guesswork and offering complete transparency with our latest demo video.

Not only will we walk you through the easy steps to activate your backup, but we’ll show you how it works in real-time, on a real account. This isn’t a demo with a “sample” system. This is CloudAlly at work, in real life.

Activating your Office 365 Exchange backup on your CloudAlly account can be completed in just a few steps. All you need is access to a computer and your CloudAlly login information. From there, you just follow the step-by-step activation process that we’ve laid out for you.

In this two-and-a-half-minute video, you’ll learn how to set up our Office 365 Exchange backup and restore solution like an expert. We cover everything from:

  • Correctly setting up your application impersonation using OAuth or Global Admin.
  • Choosing which accounts you’d like to backup (you can choose to backup each account and/or user individually or select all for a quick backup of every Office 365 user including all shared and public folders).
  • Checking the appropriate backup preferences including “automatically detect and activate new accounts,” scheduling, etc.
  • Picking a friendly name for each backup
  • And indexing your archived data.

And if you’re still concerned about using CloudAlly’s Office 365 Exchange backup solution, don’t forget, we have a risk free 15-day trial available! We want to show you how easy it is to protect your data from all threats.

Don’t choose software to protect your data that you haven’t seen in action. Choose CloudAlly as your Office 365 backup and restore solution, and rest easy knowing that you’ve already seen how it works and don’t have to worry about hidden processes or errors.

When you’re ready to know more, contact CloudAlly by calling +1.917.338.0385 or filling out our Contact Form. We can’t wait to work with you to keep your Office 365 Exchange data safe and sound.