Office 365 Security: Q&A

Home / Information Security / Office 365 Security: Q&A

Recently, our team hosted a live webcast on Office 365 security. During the webcast, the discussion generated an extremely high number of questions from the audience, and we wanted to make sure that we answered those that were most commonly asked!

So, here’s the Q&A from our webcast, Is Your Office 365 Secure? Maximizing Productivity and Data Protection for Your Business.

Q: What programs and policies are generally recommended for O365 users and admins?

A: Microsoft has an extensive list of policies that should be configured for O365 which can be found on the Security and Compliance section of their website. However, here are four major recommendations relating to Office 365 that we always suggest:

  1. Enable Audit logging
  2. Use Multi-factor authentication
  3. Enable AD password sync
  4. Disable legacy email protocols

Q: Which service does ITW recommend for O365 backups?

A: There are a lot of great options available for backing up O365, and we have built a backup offering that is based on Datto SaaS Protection (Backupify).

Check out our SaaS Protection Info Sheet.

Q: Does IT Weapons provide assessments or audits on O365 security?

A: We sure do! We offer a variety of assessments, audits, and reviews for basically any technology solution that can help you understand any current gaps or weakness. In addition, all of our assessments include detailed recommendations to help you get better quickly and efficiently.

Learn more about IT Weapons Technical Assessments. 

Q: Does O365 provide you with protection against brute force attacks?

A: There is a built in Attack Simulator in O365 where you can run simulated brute force attacks and see how likely they are to impact your business. Also, Multi-factor authentication is the best way to protect your business from password-based threats.

Q: Does Microsoft replicate data to more than one location?

A: Yes. In Canada, Microsoft has several data centres that make up the Canadian Microsoft Cloud where data can be replicated to in order to ensure georedundancy. However, please check your current subscription as this service may not be included for all subscription types.

Q: Is there an official document from Microsoft that details all of their security features?

A: Yes. Check out Microsoft’s website, however, it is quite a hefty read!


Our webcast was a huge success with some great turnout and engagement. Want to make sure you don’t miss our next webcast? Sign up for our newsletter. 

Want to learn more about Office 365 Security? Click here to check out our newest O365 Security Solution.

Don’t hesitate to Contact us for guidance on properly securing your O365 tenant!

Related Posts