Important security tips

Recently, there have been several newsworthy attacks against Office 365 accounts. Accounts that have access to administrative functions in Office 365 make particularly attractive targets. It's only a matter of time before such attacks result in a serious data breach. Don't be the person that lets their company experience this embarrassing and costly mistake.

You can protect yourself (and your customers) by making sure that you follow these security tips:

• Ensure your global administrator rights aren't associated with the account you use for everyday access to email and other Office 365 services
• Enable Office 365 multi-factor authentication for privileged accounts
• Avoid saving your administrator credentials
• Always open the Office 365 administration portal using an in-private/incognito browser session
• Consider using privileged identity management or Customer Lockbox, which are both Office 365 services available to help you control access to accounts with high-level permissions

We'll talk about these security strategies and cover more tips in Chapter 8, Understanding Security and Compliance.