Recent Russian attacks in the U.S. have brought into clear light the necessity to implement Multi-factor Authentication (or “2fa”) and End-point Protection for Cloud-based systems. While these are currently security options, it is becoming increasingly apparent that they should be “must-haves” in this new age of heightened security. Given the continually escalating “hacking” attempts, we expect that Microsoft will soon make this option the default for all Office 365 users to secure your Office 365 systems.

While it is already mandatory for Microsoft Partners to implement, we would not be surprised if the option to disable it were removed entirely as a means of enforcing this necessary security step across the user base. With that in mind, it is best to implement it now while you have some control over it.

Turning on Multi-factor Authentication:

Multi-factor Authentication is already available in Office 365 as an option that can be turned on or off on a per-user basis. You must log in to Office 365 as an Admin and go to the “Users” section… then click on “Multi-factor authentication”…

Secure your Office 365 systems_1

… Select the user(s) and choose “Enable” to turn on Multi-factor authentication:

Secure your Office 365 systems_2

At this point, Mfa\2fa is enabled for that user and when they next try to logon to O365 they will be prompted with a wizard that steps them through the process of configuring their Mfa\2fa settings.

To proceed, they will require their phone as well as access to a browser. The process involves scanning a QR code with their phone and essentially “links” the Mfa\2fa to that phone – using either the Microsoft Authenticator App (which they must download) or via a Text message. Their settings for Mfa\2fa can be found at the “Additional Security Verification” link, from which they can specify alternate phone numbers to connect Mfa\2fa and\or add\remove devices to connect to the Microsoft Authenticator App:

Secure your Office 365 systems_3

Once Mfa\2fa has been “enabled” for a user, you will see a new option in the Multi-factor Authentication screen for that user, which is to “enforce” it:

Secure your Office 365 systems_4
Secure your Office 365 systems_5

Enforcing” Mfa\2fa is slightly different than “Enabling” it in that once Mfa\2fa “enforced” for that user, they will need to create an “app password” to use in Non-browser programs (e.g. on-premise programs that connect to your Office 365 system) such as Outlook.  App Passwords can be added\deleted from this link:

Secure your Office 365 systems_6
* If a user suspects their password has been “hacked” they should change their password immediately AND also change their App Password.

Note that there are also third-party Multi-factor Authentication apps (such as “Duo” or “GoogleAuthenticator”) which you can use with your On-premise products if you do not wish to use the built-in Office 365 Mfa\2fa.

If you have challenges with enabling Multi-factor Authentication on your Office 365 systems, please reach out to us at and we can assist you with getting this setup.

About End-Point Protection

“End-point protection” refers to software security tools that will help protect your PC\laptops\devices from phishing and hacking attempts. BitDefender is one of the leading software packages for end-point protection.

End-point protection is important to implement as most breaches (especially ransomware attacks) occur because a user clicks on a link from their PC\laptop and that loads viruses\keystroke recorders or other related phishing code. End-point protection tools help to prevent these “codes” from running.

There are a wide variety of End-Point protection software packages available but the “top 5” recommended are:

Secure your Office 365 systems_7

Secure your Office 365 systems with VOX ISM

VOX ISM provides an Office 365 “Enhanced Security and End-point Protection” package which includes BitDefender as part of its solution as well as including an intuitive interface for managing settings and configurations for On-line systems along with pre-configured “template” profile settings that allow for prevention and early warning of possible insecure settings within On-line systems

We also offer a “Secure Backup Protection” package with provides you with fully configurable Off-site backups of your on-premise (local) files as well as Office 365 mailboxes, OneDrive and SharePoint files. ().

Why would you need Off-site backup protection if your Dynamics 365 Business Central and Customer Engagement\CRM databases are already automatically backed up by Microsoft? … well, those backups do NOT include Office 365 email, SharePoint sites or OneDrive files. They only include the actual BC\CRM Databases.

Some key points about the “Vox Secure Backup Protection”:

• 35% of on-premise backups fail (you cannot restore from them). Either due to old media being used, or a bad sector on a drive or simply not maintained\tested.

• Ransom-ware attacks files through the network so, local backups often run the risk of being affected by ransomware as well … putting your data at great risk.

• The Secure Backup protection offers secure Off-site backups to ensure the safety of backups and recoverability.

• Applies to Databases and key files\folders for On-premise systems and backups of Office 365 Email, Sharepoint and OneDrive files for Online systems.

• Flexible pricing based on usage is available (based on 50GB\mnth packets)

Whether you go through VOX ISM or any other vendor, please ensure that you implement Multi-factor Authentication and End-point protection soon to secure your Office 365 systems. You should also ensure you have adequate redundant backup strategies and a Disaster Recovery Plan.

Please feel free to reach out to your VOX ISM associate if you want further information or assistance.

Blog post by Trevor Reid, Senior Technology Consultant, VOX ISM
Email: Phone: 416-571-1263

Trevor has been working in the IT industry for 30 years and has been with VOX ISM (and its affiliated company, Shop9000) for over 20 years. He has helped in implementing, upgrading and supporting hundreds of ERP systems including Microsoft Dynamics NAV and Infor\VISUAL ERP.

His focus is on the technical design, installation and on-going support of the VOX ISM solutions and his expertise includes SQL Server\Oracle, SharePoint, CRM\NAV Technical support, Mobility\IFD (Remote Access), Database Upgrades, Migrations and other areas of IT  infrastructure and administration.

He began his IT career working in the Aerospace industry for DeHavilland and from there joined VOX ISM to continue to support the Canadian manufacturing industry.