Securing your 365 Office and Email Accounts using your phone

Securing your companies data and Office 365 email accounts using Multi-Factor Authentication (aka 2-Step or 2FA authentication) using a smart phone.

The level of security when using Microsoft Hosted Exchange, Office 365 and Office Applications is already pretty secure but if an employee unwittingly divulges their email address and password to a scammer, it can seriously compromise their email and data and whatever other sensitive data they may have access to.

This usually occurs with a Phishing Attack (see below)

What is Phishing and how can I defend against it?

To prevent this from happening there are a number of steps that can be taken by

a) the employer, b) the individual users and c) the System Administrator to prevent this from occurring.

We identify a 9-Point plan below:

Security best practices for Office 365 and Hosted Exchange Mailboxes

The most important point of the plan is:

#1 Setup Multi Factor Authentication using a mobile device or smartphone

Implementing Multi-Factor-Authentication requires the Systems Administrators to firstly turn the feature on before the individual user sets up the new authentication method.

There are 3 choices of secondary authentication using Multi-Factor Authentication

  1. Using the Multi-Factor-App on your smartphone (see above video)
  2. Receive a Phone Call to a land-line or mobile phone
  3. Receive a code by SMS/Text Message

The easiest to use but requiring some setting up is to use the Microsoft Multi-Factor Authentication App, Download and install the Microsoft Authenticator app for AndroidiOS or Windows Phone

Watch the video below, before registering for Multi Factor Authentication, by clicking on the following link:   https://aka.ms/mfasetup 

Remember to enter your Office Telephone number as an alternative contact method, in case you misplace or lose your smartphone.

Setting up Microsoft Outlook using Multi Factor Authentication

After you verify your alternate contact method, You will be issued with an “app password” that you can use with Outlook, Apple Mail, etc.

Choose the copy icon to copy the password to your clipboard. You won’t need to memorize this password or better still print it out or keep it safe as a .txt file on your desktop.

Image of the copy icon to copy the app password to your clipboard.

To use the app password in Outlook

You’ll need to do these steps once.

  1. Open Outlook, such as Outlook 2010, 2013, or 2016.
  2. Wherever you’re prompted for your password, paste the “app password” into the box. For example, if you’ve already added your account to Outlook, when prompted paste the app password there, and tick the “Remember My Credentials” box, followed by “OK
  3. Or, if you’re adding your Office 365 account to Outlook, enter your app password here:Enter your app password in both Password boxes.
  4. Restart Outlook.

Step By Step Guide to setting up Microsoft Authenticator on an iPhone

  1. Search for the Authenticator App in the App Store and Install
Install
Allow, Notifications

Skip

Add your email address and sign-in

 

Business Customers – Use “Work or School Account”

 

Allow Access to your Camera so it can read the QR Code on your computer

Use your Camera to scan the Barcode on the screen

Once setup and you are asked for authentication, simply look at your phone and “Approve” the prompt

 

No need to receive multiple SMS or phone calls and manually typing codes.

To change, delete, or update default security info methods, see:

Other Microsoft Resources

Sign in to Office 365 with 2-step verification
Fix common problems with 2-step verification
Use Microsoft Authenticator with Office 365
Change how you get 2-step verification codes
Admins: Set up multi-factor authentication for Office 365 users
Create an app password for Office 365
Set up 2-step verification for Office 365

 

For our rates, charges and terms, please contact us.

HYBRID ICT are a Microsoft Silver Small and Mid-market Cloud Solutions Partner and Apple Consultant Network Partner