Cybersecurity and User Experience – how to strike a balance with Microsoft 365

If your cybersecurity and user experience aren’t in balance in your installation of Microsoft 365, you’re setting yourself up for trouble. This is for two interlocking reasons:

One, cybersecurity has an (often undeserved) reputation for making life more difficult. However, skipping good cybersecurity costs businesses millions of pounds every year.

Second, the more that something becomes a chore, the less people (read: your team) will stick to the plan. And even the best cybersecurity setup will rely on their cooperation.

This doesn’t mean you should dial down your cybersecurity to make things easier for your team in their day-to-day work.

But there are some things you can do to make your team’s user experience better. This will help encourage their proactive participation in your organisation’s (soon-to-be excellent) cybersecurity:

Why is user experience so important to get right?

User experience is all about the usability and ease of interaction someone has in their day-to-day use of a system.

The key UX cybersecurity takeaway is that introducing too much complexity and too many steps in – for example – a log-in process, may not result in enhanced security. Instead, it may:

  1. Reduce engagement with good practice – if we make engagement with good cybersecurity practices difficult, awkward, and time-consuming, we make it more likely that our teams will try to implement a workaround.
  2. Negatively impact team productivity – more, if figuring out how to do things safely takes a lot of time or effort, there can be a significant overall impact on productivity.
  3. Create more work for your IT team – if you find your internal IT team is constantly fielding password reset requests, it may be an indication that processes are too complex or that they haven’t been explained well enough.

Somewhat counter-intuitively, it is simplified practices that may actually improve cybersecurity.

How to get a better Microsoft 365 user experience

Microsoft has embraced smart, smooth solutions to cybersecurity in a big way. It is working constantly to update both the security it offers and the user experience it delivers.

This means it provides numerous useful apps and functions as part of Microsoft 365.

Here are the things it is definitely worth looking into if you want to improve the user experience (and thus, the security) that Microsoft 365 delivers:

1) Use Microsoft Defender

Once known as Advanced Threat Protection, Defender is Microsoft 365’s advanced threat protection against most cyber threats.

The latest versions even do things like provide native link rendering. This is excellent protection against the latest generation of business email compromise attacks that spoof trusted contacts in your own organisation.

Based in the cloud, Defender uses machine learning technology to provide protections that are constantly getting better. It also comes with its own policy settings that you can tweak.

These policy settings do things like let you alter how often Defender sends warnings and reports to your team. Editing them might feel satisfying. But they’re also a bit risky to go playing around with if you’re not an expert. The functionality is there though.

2) Employ Microsoft Intune

The fact Intune used to be called “Endpoint Manager” gives you a pretty good idea of what it’s set up to do.

In a world where home and remote working are common, you want your team to properly engage with any processes you have for making sure the devices they use are registered and protected.

Intune lets you control all endpoints centrally. This lets you roll out software and security updates and handle lost device issues nice and easily.

It’s a great balance between good cybersecurity and ease of use (on top of which it has cool graphics and scores that let you measure how well you’re doing).

3) Implement MFA and SSO

Lengthy, repeated, multiple log-in requests tend to result in your team coming up with clever ways to get around security measures and on with their working day.

There are two ways you can use the latest combination of the best cybersecurity practices and user experience improvement strategies using Microsoft 365 (you’ll note that both of these are designed to make things easier for users while improving security):

1) MFA (Multi-Factor Authentication)

A factor is something you remember (like a password), something you are (like a fingerprint), or something you have (like a mobile device or keycard).

Multi-Factor Authentication requests more than one (multiple) factors to ensure the person logging in is who they say they are.

Some of these factors take less time than others. For example, Microsoft Entra Verified ID includes Face Check technology that makes facial recognition very quick and easy.

2) SSO (Single Sign-On)

Single Sign-On is much as it sounds. Using a variety of clever methods, SSO allows your team to sign on just once and have this “count” for multiple systems or applications without compromising your organisation’s security.

Get expert help and do cybersecurity right

Many Microsoft 365 settings and policies can be edited to provide a better user experience. But you should be wary of having your team do so if they don’t have that necessary expertise.

Because the balance between user experience and good cybersecurity is a fine line to walk. Trying to improve one at the expense of the other is ultimately self-defeating.

Want to talk through some of the ways you could enhance your business’s security and your team’s productivity?

Reach out to us today. Dial A Geek is already trusted by over 1000 businesses in Bristol and the UK to help them protect themselves and grow in future.

Set up a cost and commitment-free chat with Chief Geek Gildas Jones today.