How to Protect Priority Accounts in Microsoft 365?

Certain users and departments in every organization have access to sensitive and confidential data. Such accounts are particularly vulnerable to cyber-attacks and phishing. These accounts require additional protection to minimize risks. Microsoft 365 provides Priority Accounts that offer advanced capabilities to protect accounts with sensitive data. Priority Account Protection and Premium Mail Flow Monitoring are the primary capabilities to secure and monitor sensitive information in Microsoft 365 mailboxes. In this article, we will explore how organizations can protect priority accounts in Microsoft 365.

How to Apply Priority Account Protection to Mailboxes?

There are two methods for adding priority accounts.

Adding priority accounts from the Setup page

• Navigate to the Microsoft 365 admin center and go to Setup > Organizational knowledge > Monitor your most important accounts > View.
• Choose Manage or Get Started, to open the Add Priority accounts page. Type the name or email address of the person to be added to the priority accounts list in the search bar. Other settings, such as setting email threshold for failed or delayed emails, can also be managed from this page.

Adding priority accounts from the Active users page

• From the Microsoft 365 Admin center, navigate to Users > Active users.
• Select more actions (…) from the top of the page, and then click on Manage priority accounts.
• Click on Add accounts, and type in the name of the person to be added to the priority accounts list.

How to Provide Additional Security for Priority Accounts?

Microsoft 365 and Microsoft Defender for Office 365 offer several security features to protect priority accounts. Here are some of the recommendations to protect priority accounts.

• Legacy authentication protocols should be disabled globally for priority users, and multi-factor authentication (MFA) can be used to increase sign-in security. Authentication policies and Client Access Rules can be configured to disable POP3 and IMAP4 access on priority account mailboxes.
• Stringent preset security policies should be implemented for priority accounts using the Strict profile preset.
• User tags in Microsoft Defender for Office 365 Plan 2 can be used to quickly identify and classify specific users or groups of users in reports and incident investigations.
• Extensive reports, alerts, and investigation tools in Exchange Online Protection and Defender for Office 365 can be used to quickly identify incidents or detections involving tagged priority users.
• Microsoft 365 resources must be used to establish a strong culture of security awareness within the organization, including training users to identify phishing attacks.

Apps4Rent Can Help with Microsoft 365 Priority Accounts

Priority account protection is available only with Microsoft Defender for Office 365 Plan 2, which is available in Office 365 E3, Office 365 E5, Microsoft 365 E5, or Microsoft 365 E5 Security. Additionally, only organizations with at least 5000 licenses of Office 365 E3, Microsoft 365 E3, Office 365 E5, or Microsoft 365 E5, or a combination of these plans, have access to the Mail Flow Monitoring feature.

As a Microsoft Gold Partner in several competencies, Apps4Rent can help with Microsoft 365 licensing, configuration, and customization. Call, chat, or email our senior Microsoft 365 consultants, available 24/7 for assistance.