The National Cyber Security Centre (NCSC) has launched a new Secure Configuration Framework for Microsoft Office 365, which provides guidelines for government on how to optimally configure Office 365 – with a specific emphasis on security.
The framework, produced in collaboration with Microsoft and Ekco, a cyber security specialist headquartered in Dublin, will specifically provide guidance and support to organisations in configuring Office 365 to meet their compliance obligations and leverage the features and capabilities that are present within the service.
The detailed framework document provides an overview of the steps that should be taken to set up Office 365 optimally, including how to establish the basic foundational security controls and key considerations around bringing your own device (BYOD) controls. The framework also empowers all organisations to take steps to improve their security systems.
Office 365, which provides cloud-based services such as Exchange Online, Outlook, OneDrive, Microsoft Teams, and applications such as Word and Excel, is a key component in the technology portfolio of many organisations operating in the country. With nearly 50% of Irish SMEs having experienced multiple cyber attacks over the last three years, according to a recent Microsoft study, it has become increasingly urgent for companies of all sizes to ensure their Office 365 platform meets best practices in cyber security.
Speaking at the launch of the framework at Microsoft’s headquarters in Dublin, Richard Browne, director of the NCSC, said: “The importance of cyber security in ensuring that Ireland can benefit fully from the ongoing digital transformation cannot be underestimated, and every action taken to strengthen that security plays a positive role.
“ Today’s launch is a testament to the importance of both the public and private sector working together, and also the steps that can be taken by government departments, SMEs, and other Office 365 users in instigating an acceptable security standard in their use of the product. The controls and maturity levels described in this document are guidance, influenced by and aligning with the Public Sector Cyber Security Baseline Standards, and form a broad framework for a set of measures which can be revised over time ”.
Adding to Browne’s emphasis on the importance of increasing cybersecurity awareness, Kieran McCorry, national technology officer for Microsoft Ireland, said: “Working to ensure business resilience has never been more important. This framework will serve as a crucial document to ensure that an organisation’s digital foundation is secure and protected against an ever-increasing threat landscape and I want to thank our partners at the NCSC and Ekco for their work and commitment to this collaborative effort. Cybersecurity is no longer ‘a nice to have’ – it is a prerequisite to success and to future-proofing businesses, our economy, and our society.”
The framework was co-written by Ekco, a security-first managed cloud service provider, that offers advice, consultancy and technical solutions to hundreds of Irish businesses, as well as having a footprint in the UK and the Netherlands.
Steve MacNicholas, MD for Ekco Ireland, said: “Technology tools like Office 365 can help companies of all sizes increase productivity, streamline processes, and accelerate growth. However, it’s critical that these tools are correctly configured and secured. Our focus at Ekco is to guide businesses to define their security needs and develop solutions that protect their valuable data.”
The Secure Configuration Framework for Office 365 is available on the NCSC website.
See more stories here.