0% found this document useful (0 votes)
135 views5 pages

Implement The Following SharePoint Security Best Practices in 2023

Implement The Following SharePoint Security Best Practices in 2023 Enable Azure AD Privileged Identity Management and monitor privileged role changes. Verify external sharing settings for Teams, OneDrive, and SharePoint. Include Security Score and Identity Secure Score checks in monthly IT inspections. Require multifactor authentication for all privileged accounts and users connecting to Office 365. Conduct regular security reviews and inventories to identify risks and strengthen access controls.

Uploaded by

moony30
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
135 views5 pages

Implement The Following SharePoint Security Best Practices in 2023

Implement The Following SharePoint Security Best Practices in 2023 Enable Azure AD Privileged Identity Management and monitor privileged role changes. Verify external sharing settings for Teams, OneDrive, and SharePoint. Include Security Score and Identity Secure Score checks in monthly IT inspections. Require multifactor authentication for all privileged accounts and users connecting to Office 365. Conduct regular security reviews and inventories to identify risks and strengthen access controls.

Uploaded by

moony30
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Implement The Following SharePoint Security Best Practices in 2023

The integrity of your users, particularly those who have privileged access to
your business data and resources, is a crucial aspect of cloud security for
working capital. In complicated settings like Azure, and
Microsoft SharePoint 365, several accounts and various responsibilities
might be regarded as privileged. It is crucial to reduce their population as
promptly as possible. I’ve mentioned a few things you can do
to maintain your SharePoint intranet security strong down below.
• Enable Azure AD Privileged Identity Management so that you can
receive alerts if a privileged role changes
• Verify that you have evaluated and set up external sharing
for Teams, OneDrive, and SharePoint
• Include the Security Score and Identity Secure Score checks in
your normal monthly IT inspections. Make careful to mark tasks to
change their status to something appropriate, like “Planning,”
“Done,” etc.
• If AD sync fails, make sure you have at least two backup users or
“break-in” accounts. If the MFA service fails, think about disabling
MFA for these accounts
• On all other privileged accounts, enable MFA
• List the people who have the following roles: global administrator,
privileged role administrator, administrator of exchange online,
and administrator of SharePoint online
• Make sure auditing is enabled today!
• Should you need longer retention of Office 365 audit logs, consider
3rd party tool options
• Every user connecting to Office 365 should have MFA enforced
• Deploy a custom, branded login page for Office 365
• Conduct an inventory of services, owners, and admins
• Identify Microsoft accounts in administrative roles that you need
to switch to work or school accounts
• Ensure separate user accounts and mail forwarding for global
administrator accounts
• Make sure you change the passwords of administrative accounts.
• Turn on password hash synchronization
• Require multifactor authentication (MFA) for users in all privileged
roles and exposed users
• Configure Identity Protection
• Obtain your Office 365 Secure Score
• Review the Office 365 security and compliance guidance
• Establish the owners of the incident/emergency response plan
• Secure on-premises privileged administrative accounts
• Complete an inventory of subscriptions
• Remove Microsoft accounts from admin roles
• Monitor Azure activity
• Configure conditional access policies

You might also like