Frequently Asked Questions for Microsoft Security Services

I have a cybersecurity incident. What kind of assistance can Professional Advantage help me with?

It is unfortunate that you are going through a cybersecurity incident. Our security services are not just limited to the prevention of a data breach or phishing attack, but we also assist with responding and recovering your data. 

Please get in touch with us at 1800 126 499 or email us at to get help from one of our cybersecurity experts.

What is the difference between Office 365 Security, Enterprise Mobility + Security, and Microsoft 365?

Office 365 already has basic security capabilities such as multi-factor authentication (MFA), data loss prevention (DLP), mail filtering, and anti-malware. E5 subscription also has eDiscovery, a stripped-down version of Advanced Threat Protection, auto data classification with Advanced Data Governance, and Office Cloud App Security.

Enterprise Mobility + Security is Microsoft’s mobile and security management platform composed of security solutions related to identity and access management, information protection, threat protection, cloud app security, and mobile security. These security products can be implemented on top of Office 365 and extended to your third-party software investments.

Microsoft 365 combines Office 365, Windows, and selected EMS features in one bundle. Depending on the plan you choose, the security features included in Microsoft 365 can be Advanced Threat Protection, Intune, Advanced Threat Analytics, Identity and Threat Protection, Azure Active Directory, Information Protection, and Azure Advanced Threat Protection.

How does Office 365 help me with compliance?

Compliance with government-mandated regulations such as the National Data Breach (NDB) and the General Data Protection Regulation (GDPR) is one of the major concerns of many businesses. Office 365, however, can be instrumental in complying with these policies. It already has built-in features that respond to the requirements of these regulations.

An example of this would be the encryption of physical disks; encryption of data at the application level; and encryption of emails and files in transit. It can also allow your IT to monitor and track user activities via the Office 365 audit logs. You can read more about how Office 365 helps with your compliance obligations in this blog.  

What are the best practices for cloud security?

We recommend these five best practices to help you keep your data safer in the cloud.

  1. Strengthen access control.
  2. Improve security posture.
  3. Secure apps and data.
  4. Mitigate threats.
  5. Protect the network.

 You can download the infographic in this blog to get a step-by-step walkthrough on how to protect your data in the cloud and learn how to identify security threats early.

What is the minimum requirement for securing my Office 365 environment?

First of all, you need to assess how secured your environment is by checking your Microsoft Secure Score and taking necessary steps to improve it. You also need to turn on data loss prevention (DLP) and multi-factor authentication (MFA) when you deploy Office 365.

We can guide you with the right combination of tools to help you protect your Office 365 environment. Visit this page to learn more.


Source: Microsoft

What is Essential Eight and how does it protect my business?

Essential Eight is a baseline security strategy recommended by the Australian Signals Directorate (ASD) to protect businesses against cyber threats. It is composed of eight strategies 

  1. Application Whitelisting.  
  2. Application Patching.  
  3. Operating System Patching.  
  4. Restriction of Administrative Privileges.  
  5. Configuration of Office Macros.  
  6. Application Hardening.  
  7. Multi-Factor Authentication.  
  8. Review Backups.  

These eight strategies, when implemented correctly, can greatly assist in defending against common cyber threats. Learn more about Essential Eight in this blog

What is Managed Security Services?

The concept of Managed Security Services is very similar to a regular Managed Services where your IT environment is monitored and managed proactively by a third-party IT partner. Managed Security Services offers the same kind of arrangement but with more emphasis on intrusion detection, risk intelligence, and responding to security incidences.

Visit this page to learn more about our Managed Services.

Does Microsoft 365 include security?

Yes it does.

How can you tell if an email is phishing?

Here are some of our pointers on how to spot a phishing email.

  • Unusual, urgent request.
  • Suspicious links or attachments.
  • Dubious sender.
  • Badly written email.

Read our pointers in more detail with specific examples on how a phishing email looks like as well as what to do when you encounter one in this blog.

Alternatively, you may call us at 1800 126 499 or email us at if you need assistance with a cybersecurity incident.

Why is Application Whitelisting important?

Application Whitelisting focuses on going through a process of creating a list of applications required by the business, based on various user roles and activities, which effectively means that any unapproved applications (which includes malicious code that may have found its way into your environment) not part of the Whitelist will not work. It is part of the Essential Eight risk mitigation strategy by the Australian Signals Directorate.

Application Whitelisting is important for these reasons:

  • It allows only trusted apps to run.
  • It protects against zero-day attack.
  • It reduces overall IT TCO due to the lesser effort required by IT to fix security issues.

We discussed in more detail why Application Whitelisting is essential for every business in this blog.