Ireland shares new guide to keep Microsoft 365 services secure

7 Feb 2023

From left: Ekco Ireland MD Steve MacNicholas, Microsoft Ireland country manager Anne Sheehan and NCSC director Dr Richard Browne. Image: Maura Hickey

The Secure Configuration Framework has been launched to show both public and private organisations how to optimally configure these Microsoft services, with a focus on cybersecurity.

Ireland’s Government has created a new guide to help organisations stay secure when using Microsoft 365 products.

The National Cyber Security Centre (NCSC) has launched the Secure Configuration Framework, which aims to show both public and private organisations how to optimally configure these Microsoft services.

Microsoft 365 is used by various organisations and includes cloud-based services such as Outlook, Teams, OneDrive and Exchange Online.

The guidelines contain various instructions to optimise the cybersecurity around these services such as security controls, tips to prevent vulnerabilities and best practices when personal or non-organisation owned devices are introduced.

The framework was created through a collaboration with Microsoft and Dublin-headquartered cybersecurity company Ekco.

The NCSC previously said it has “worked closely” with Microsoft on multiple cybersecurity issues over the years. These collaborations culminated last June when Ireland joined Microsoft’s Government Security Program, to help protect critical infrastructure from cyberattacks.

NCSC director Richard Browne said it “cannot be underestimated” how important cybersecurity is to ensure Ireland benefits from “the ongoing digital transformation”.

“Today’s launch is a testament to the importance of both the public and private sector working together, and also the steps that can be taken by government departments, SMEs, and other [Microsoft] 365 users in instigating an acceptable security standard in their use of the product,” said Browne.

Last year, the Government released a white paper outlining its enterprise objectives for 2030, which includes having 90pc of Irish of SMEs at basic digital intensity by the end of the decade.

Microsoft Ireland’s national technology officer Kieran McCorry said the framework is a “crucial document” to keep organisations protected “against an ever-increasing threat landscape”.

“Cybersecurity is no longer ‘a nice to have’ – it is a prerequisite to success and to futureproofing businesses, our economy, and our society,” McCorry said.

Last month, multiple Microsoft 365 services went down for users worldwide due to an outage. Microsoft said at the time that the outage was caused by a potential networking issue.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic