[chatbot] [chatbot]

VGC Technology

What Is Microsoft 365 Business Premium? | Everything You Need To Know About

Small businesses have to deal with the same cyberattacks as large companies – but, sometimes without a IT department to implement protections. That’s where Microsoft 365 Business Premium comes in. It protects against external threats and data leaks to help you securely run and grow your small business. 

Microsoft 365 Business Premium includes a range of security features including:

  • Device and application management in the Microsoft 365 admin center 
  • Microsoft Defender for Office 365 
  • Microsoft Defender Antivirus 
  • Microsoft Intune 
  • Conditional access 
  • management settings for Android or iOS devices 
  • Set application protection settings for Windows 10 devices 
  • Set device protection settings for Windows 10 devices 
  • Remove company data from devices 
  • Reset Windows 10 devices to their factory settings 
  • Safe Attachments for email to check attachments in messages as an additional layer of protection in addition to Exchange Online Protection. 
  • Safe Links to scan URLs in email messages. 
  • Safe Attachments for SharePoint, OneDrive, and Microsoft Teams to help detect and block existing files that are identified as malicious in team sites and document libraries. 
  • Anti-phishing in Defender for Office 365 protection to block messages from impersonated email addresses. 
  • Real-time detections to help your security operations team investigate and respond to threats efficiently. 
  • Cloud-based solution to provide mobile device management and mobile application management. 
  • Can co-manage with Configuration Manager and Intune. 

You can wipe data from a device that is lost or stolen to prevent sensitive data from getting into the wrong hands. 

How do protection features in Microsoft 365 Business Premium map to Intune settings? 

  • A Microsoft 365 Business Premium subscription gives you a license to modify any Intune settings that map to settings available in Microsoft 365 Business Premium policies including all Android and iOS settings. 
  • Most settings can be modified directly from the Microsoft 365 admin center. 

Security and Compliance

Anti-malware -

To increase malware protection in email, you should block attachments with file types commonly used in malware attacks. 

The Microsoft 365 Defender portal includes anti-malware policies that can be directly implemented or edited, as required. 

Anti-phishing -

Custom domains can be the victims of phishing attacks, for example when a malicious attacker impersonates another person in an email. 

The Microsoft 365 Defender portal includes an anti-phishing wizard to create an anti-phishing policy. 

Anti spam -

Spam involves mass emailing which could be for marketing purposes or could be an attempt to spread malware. 

Spam could come from outside your organisation, but could also come from a user in your organisation sending outbound spam, perhaps in an over-enthusiastic marketing campaign. 

The Microsoft 365 Defender portal includes anti-spam policies to protect against inbound and outbound spam. 

Safe Links -

Another form of phishing attack is to include links to malicious websites in emails or files. By only including a link, rather than attaching a malicious file, malicious links can evade many forms of virus protection. 

The Microsoft 365 Defender portal includes safe links policies to protect you from this form of attack. 

Safe Attachments -

Attachments are commonly sent by email and it is hard to know whether the attachment contains malware. 

The Microsoft 365 Defender portal includes safe attachments policies to block attachments that contain malware. 

Conditional Access (Available with Azure Active Directory P1 license) -

Included with Microsoft 365 Business Premium license. 

  • Includes policies to protect Active Directory resources no matter where users are. 
  • Can block access based upon: 
  • User or group membership 
  • IP Location information 
  • Device platform or state 
  • Specific applications 
  • Real-time and calculated risk detection 
  • Data loss prevention 
  • Email retention 

Data loss prevention (DLP) policies protect against the loss of sensitive information. Microsoft 365 Business Premium includes over 40 ready-to-use templates for common regulatory policies including the Gramm-Leach-Bliley Act (GLBA), United States Personally Identifiable Information (U.S. PII), and General Data Protection Regulation (GDPR). 

The Microsoft 365 compliance portal includes DLP policy templates to enable you to apply common regulatory policies. 

  • Automatically detect sensitive information, for example: 
  • Bank account information 
  • Health records 
  • Proprietary corporate data 
  • Implement data loss prevention (DLP) by defining and applying DLP policies. 
  • Microsoft 365 uses deep content analysis including machine learning to detect content that matches your DLP policies. 
  • DLP policies can monitor: 
  • Microsoft 365 services such as Teams, Exchange, SharePoint, and OneDrive 
  • Office applications such as Word, Excel, and PowerPoint 
  • Windows 10 endpoints 
  • Non-Microsoft cloud apps 
  • On-premises file shares and on-premises SharePoint 
Email Retention
  • Some users and some organizations need to keep emails for a number of years for legal reasons. 
  • You might need to recover data after a security breach. 
  • You might need to recover deleted items. 
  • The Microsoft 365 compliance portal includes retention policies to enable you to ensure that specific users, groups of users, or all users, have emails retained for a defined period of time. 
Archive Mailbox
  • Archive mailboxes can provide additional storage for users who might need to store messages for compliance reasons. 
  • Once archive mailboxes are enabled, messages will be moved to the archive mailbox based on the retention settings. 
Exchange Online Archiving

Microsoft 365 Business Premium includes Exchange Online Archiving, which has the following features: 

  • Archive mailbox 
  • Deleted item recovery
  • Retention policies 
  • In-Place Hold and Litigation Hold 
  • In-Place eDiscovery 

Microsoft 365 Business Premium includes Exchange Online Archiving, which has the following features: 

  • Archive mailbox 
  • Deleted item recovery
  • Retention policies 
  • In-Place Hold and Litigation Hold 
  • In-Place eDiscovery 
Retention

Specify how long before an item or items in a folder, is archived and then deleted. Can give users a menu of retention options for them to apply. 

In-Place Hold and Litigation Hold

Can place a user on hold and preserve mailbox items. Preserve items deleted by users. Can search for and hold items based on criteria. 

In-Place eDiscovery

Can place a user on hold and preserve mailbox items. Preserve items deleted by users. Can search for and hold items based on criteria. 

  • Documents often get sent both inside and outside an organization. 
  • Sensitivity labels can encrypt or watermark documents and protection persists outside the organization. 
  • Need to have set up sensitivity labels in the Microsoft 365 compliance center at https://compliance.microsoft.com: 
  • In Information protection, create the labels that you need. 
  • Create Label policies to publish one or more labels to your users’ Office apps. 
  • Create auto-labeling policies to automatically apply sensitivity labels to email messages or OneDrive and SharePoint files. 
Share This:
Facebook
LinkedIn
Popular Post
Connect with us

Related Post