
What is MFA? MFA works in which a computer user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism. With Multi-Factor Authentication being almost 100% effective at stopping hackers from gaining access to company resources – Microsoft strongly support the use of MFA to secure your organisation.
Microsoft states ‘Your passwords can be easily compromised. MFA immediately increases your account security by requiring multiple forms of verification to prove your identity when signing into an application.’ Offering several different forms of MFA:

Data encryption is the process of encoding information – allowing this to only be accessible and read if it is decrypted, only available from authorized users. Data encryption stems across financial information, business files to personal information.
Encryption is an important part of file and information protection strategies, Microsoft 365 provide multiple layers of encryption to ensure files are secure and protected. Taken from Microsoft, here are the content types & the encryption available within Microsoft 365:
| Kinds of Content | Encryption Technologies | Resources to learn more | 
| Files on a device. These files can include email messages saved in a folder, Office documents saved on a computer, tablet, or phone, or data saved to the Microsoft cloud. | BitLocker in Microsoft data centres. BitLocker can also be used on client machines, such as Windows computers and tablets | Windows IT Center: BitLocker | 
| Files in transit between users. These files can include Office documents or SharePoint list items shared between users. | TLS for files in transit | Data Encryption in OneDrive for Business and SharePoint Online | 
| Email in transit between recipients. This email includes emails hosted by Exchange Online. | Office 365 Message Encryption with Azure Rights Management, S/MIME, and TLS for an email in transit | Office 365 Message Encryption (OME) | 
| Chats, messages, and files in transit between recipients using Microsoft Teams. | Teams use TLS and MTLS to encrypt instant messages. The media traffic is encrypted using Secure RTP (SRTP). Teams use FIPS (Federal Information Processing Standard) compliant algorithms for encryption key exchanges. | 
Microsoft designs, builds and operates industry-leading data centres, with limited physical access to where our data is stored. Taking a layered approach to protecting the data centre, Microsoft uses physical 24/7 security at the facilities perimeter, the building perimeter, the building entrance, inside the building and on the data centre floor. Further protected with strict request and approval access only, 24/7 security cameras & a physical security team within the building at all times.

'Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Microsoft 365 Apps for enterprise.'
Microsoft 365 for Enterprise provides new policy settings that allow you to control settings related to:
The following are the new policy settings
The following are the five new policy settings:
Microsoft secure score uses machine learning to create a measurement of an organisation's security levels. Organisations can access in-depth visualisations of metrics and trends, integration with other Microsoft products, score comparison with similar organisations, and much more.
Secure Score helps organizations:

As a recognized digital transformation provider and partner, our expert team are available to assist in any projects or consultancy you may need this year.
As a Microsoft Gold Partner, we have expertise in cloud technology, collaborating with SharePoint and Microsoft Teams, and enhancing customer relationships with CRM systems and portals. Get in touch with our team to learn more at sales@blacklightsoftware.com.
Blacklight Software