This article gives you the basics on what you need to know about your nonprofit's data, and how you can help ensure it is compliant with security standards when in the cloud. We'll review two-factor authentication, setting up a data loss prevention policy, and how to make sure only authorized and compliant devices can access your data.
Simply put, cloud security refers to a set of administrative policies and technologies organized to protect your nonprofit's data, accounts, devices, and infrastructure. Microsoft provides platinum-standard security for nonprofit cloud users. Sam Chenkin from Tech Impact reviews the key elements of security you need to know and lots of ways Office 365 can help your organization be more secure.
Microsoft hosts governments and major corporations in its cloud. It's HIPAA compliant and has audited compliance with Statement on Standards for Attestation Engagements (SSAE) 16 and a dozen other security standards. You can take a look at the Microsoft Trust Center to learn more.
Your nonprofit's data in the Office 365 cloud is encrypted in transit and at rest in Microsoft's datacenters. You only need to worry about data on your local machines, data sent outside of your network by your staff and volunteers, and access to your data through compromised accounts.
Let's take a look at account and device security. Azure Active Directory (AD) is included with Office 365. It allows you to manage users and groups in your nonprofit. Its features help nonprofits to prevent identity theft and keep hackers and other criminals out of their systems.
Azure was developed for Windows domain networks and includes most Windows Server operating systems as a set of processes and services.
A major benefit of Azure is being able to log into your computer with Azure AD. If you enable this in the Office 365 management console, your nonprofit staff and volunteers can join their computers to Azure AD. Then they'll be able to log into their computers with their Office 365 username and password. They will also be able to log into many third-party applications using the same username and password.
Watch as Sam demonstrates joining a computer to Azure AD and setting up single sign-on (SSO).
One easy and important step is to set up two-factor authentication. Two-factor authentication helps to ensure that only authorized users can log in to your organization's accounts. Two-factor authentication also makes single sign-on even more secure.
Users are granted access only after successfully presenting two different pieces of evidence to confirm their identity. Typically that evidence is in two of the following categories: knowledge (something users know), possession (something they have), and inherence (something they are).
For example, you can set up your computer so that it's not enough to know your password in order to log in. You also need to prove that you are an authorized user by providing a code from your mobile phone.
Watch as Sam shows you how to easily enable two-factor authentication.
If you aren't ready yet for Azure AD or two-factor authentication, you can set up a basic data loss prevention (DLP) policy in Office 365 if you have E3 licenses. DLP policies are slightly limited: they don't offer encryption, so you can only limit access to content rather than automatically encrypt it, and they have limited configuration options. But they are a great place to start!
Watch Sam configure simple data loss prevention policies using the Microsoft Cloud.
Hopefully we've helped part the clouds and explained basic security measures you can take today using Microsoft Office 365 tools to safeguard your nonprofit.