Challenge #3
Secure Data by Restricting User Consent
Enhance your data security by managing user consent for applications in Microsoft 365. Ensure every app accessing your company’s data receives your explicit approval.
Why?
Every application your team uses could be a gateway to sensitive company data. But what if users, unknowingly or accidentally, give these applications access to your information? That’s where the power of restricting user consent comes into play. This setting in Microsoft 365 ensures that any application seeking access to your data doesn’t get a free pass—it must be approved by you, the administrator, or whoever is responsible for IT (e.g., Third Octet).
Think of your company data as a treasure that needs guarding. Without proper oversight, it’s like leaving the treasure chest unlocked. By managing user consent, you’re effectively putting a robust lock on this chest. This way, only applications that have your explicit permission can access your precious data, keeping out those that might misuse it. Remember, it’s not about limiting your team’s tools; it’s about making sure each tool is safe and right for your business.
How?
Adjusting your Microsoft 365 settings to restrict user consent is straightforward. Here’s how to ensure that applications access your company data only with your approval:
Step 1: Go to the Entra Admin Center
On your computer, launch a new browser window (Edge, Chrome), and type in https://entra.microsoft.com/ and press enter.
Note: You will require Microsoft 365 administrative credentials – be sure to have the username and password ready.
Step 2: Navigate to Application Settings
Within the Microsoft Entra Admin Center:
- Look for and select Identity along the left-hand side menu
- Under Identity, look for and select Applications
- Under Applications, select Enterprise applications
Step 3: Modify Consent and Permissions
- Within the Enterprise applications window, under Security, find and select Consent and permissions
Step 4: Set Restriction on User Consent
- Within Consent and user permissions, find the section for User consent for applications
- There are three available options:
-
Do not allow user consent: An administrator will be required for all apps.
-
Allow user consent for apps from verified publishers, for selected permissions: All users can consent for permissions classified as “low impact”, for apps from verified publishers or apps registered in this organization.
-
Allow user consent for apps: All users can consent for any app to access the organization’s data.
-
- While Microsoft may recommend Allow user consent for apps from verified publishers, we prefer the more restrictive option Do not allow user consent.
- Both options are inherently more secure than the last option, Allow user consent for apps
Step 5: Save Your Settings
- Once you are satisfied, click Save by selecting the Save icon on the top of the User consent settings window.
While you’re here…
Leveraging the Microsoft Digital Defense Report for Robust SMB Protection
Microsoft’s 2023 Digital Defense Report is a critical resource for Small and Medium-sized Business (SMB) leaders, offering valuable insights for transforming cybersecurity challenges into growth opportunities. The report highlights a shift in cyber threats, emphasizing the increasing complexity of supply chain vulnerabilities, ransomware, and phishing operations. It serves as a guide for SMBs to navigate these threats and protect their future.
SMB Guide to Combating Ransomware
The rise of ransomware poses a significant threat to Canadian SMBs. These malicious attacks encrypt data, demanding a ransom for its release. While the temptation to pay is high, there’s no guarantee of data recovery. The best defense for SMBs includes preparation, proactive security measures, and continuous employee education. Staying informed and seeking expert guidance can fortify businesses against these ever-evolving cyber threats.
Securing Your Business: Moving Beyond Frequent Password Changes
Navigate beyond the outdated practice of frequent password changes to embrace a modern, user-centric approach to cybersecurity. With the rise in misuse of usernames and passwords, it’s clear that a shift is needed.