Cyber Security

What are Microsoft’s best practice for securing email?

Microsoft provides a comprehensive set of best practices and recommendations for securing email, especially when using their Office 365 and Microsoft 365 platforms. Here are some of the key best practices for securing email:

Enable Multi-Factor Authentication (MFA): This adds an additional layer of security by requiring two or more verification methods: something you know (password), something you have (a trusted device), or something you are (fingerprint or facial recognition).

Use Strong Passwords: Encourage users to set strong, unique passwords and consider implementing a password policy that requires complexity and regular changes.

Educate Users About Phishing: Regularly train and educate users about the dangers of phishing emails and how to recognize them.

Advanced Threat Protection (ATP): Use Microsoft's ATP to protect against sophisticated threats hidden in email attachments and links, and get cutting-edge defenses against zero-day threats, ransomware, and other advanced malware attempts.

Mailbox Auditing: Turn on mailbox auditing to log mailbox access by mailbox owners, delegates, and administrators.

Message Encryption: Use Office 365 Message Encryption to encrypt emails that contain sensitive information. This ensures that only the intended recipient can read the email.

Data Loss Prevention (DLP): Implement DLP policies to monitor the actions that are being taken on items you've determined to be sensitive and to help prevent the unintentional sharing of those items.

Mobile Device Management (MDM): Use MDM to control which devices have access to email, enforce device security policies, and perform remote wipes of lost devices.

Anti-Spam and Anti-Malware Policies: Ensure that Office 365's anti-spam and anti-malware filters are configured and kept up-to-date.

Safe Attachments and Safe Links: With ATP, you can check email attachments and web links for malicious content.

Configure SPF, DKIM, and DMARC: These are email authentication methods designed to detect email spoofing and protect users from phishing attacks.

SPF (Sender Policy Framework): Helps prevent spoofing by verifying that the email is sent from a domain that is authorized to send it.

DKIM (DomainKeys Identified Mail): Adds a digital signature to emails, allowing the recipient to verify that the email was sent from an authorized system and hasn't been altered.

DMARC (Domain-based Message Authentication, Reporting, and Conformance): Builds on SPF and DKIM and provides a way for recipients to report back to senders about emails that fail authentication checks.

Regularly Review Security & Compliance Center Reports: Microsoft provides various reports that can help you identify potential security issues, so it's a good practice to review these regularly.

Limit Mail Forwarding: Disable automatic mail forwarding to external addresses to prevent data leaks or theft.

Implement Role-Based Access Control (RBAC): Ensure that only necessary personnel have access to specific features in the Exchange admin center.

Regularly Update and Patch: Ensure that all systems, including email servers and clients, are regularly updated and patched to protect against known vulnerabilities.

Backup: Regularly backup emails and ensure that backups are secure and can be restored quickly in case of data loss.

Remember, while these best practices can significantly enhance email security, no system is entirely immune to threats. Continuous monitoring, user education, and staying updated with the latest security recommendations are crucial.

If you want advise on securing your email then Missing Link have a range of security solutions and MFA technologies, so depending on your requirements or risk tolerance we have a solution to suit your needs. If you would like to discuss this or any other related topic, then please contact myself or one of the Missing Link team on or call 01257 473445 and we will happily guide you through all the pros and cons associated to such a technology.

Click here to download the file in pdf format

Why do we need MFA? It’s too much like hard work


Multi-Factor Authentication (MFA) might seem like an extra step, but it plays a crucial role in enhancing security. Here's why MFA is essential and worth the slight inconvenience:

  1. Enhanced Security: The primary purpose of MFA is to provide an additional layer of security. Even if someone obtains your password, they won't be able to access your account without the second factor, which could be something you have (like a phone or a hardware token) or something you are (like a fingerprint or facial recognition).
  2. Protection Against Phishing: Phishing attacks, where attackers trick individuals into revealing their passwords, are prevalent. With MFA, knowing the password alone isn't enough.
  3. Defence Against Password Attacks: Attackers use various methods, like brute force, dictionary attacks, or credential stuffing, to crack passwords. MFA ensures that even if they succeed, they can't gain access.
  4. Mitigate Stolen Data: If there's a data breach and usernames and passwords are exposed, accounts with MFA are less likely to be compromised.
  5. Regulatory Compliance: Many industries have regulations that require enhanced security measures, including MFA, especially when handling sensitive data.
  6. User Peace of Mind: For users, knowing that there's an extra layer of security can provide peace of mind, especially if they're dealing with financial transactions or sensitive information.
  7. Flexibility: MFA can be implemented in various ways, from SMS codes to biometrics, allowing organisations to choose the method that best fits their needs and their users' preferences.
  8. Adaptive MFA: Some MFA systems can adapt their checks based on risk. For example, if a user logs in from a new location or device, the system might request MFA, but for regular logins from a known device, it might not.

While MFA does introduce an extra step, many systems are designed to be as user-friendly as possible. For instance, some allow "remembering" trusted devices, so you don't need to use MFA every time. Others use smartphone apps or biometrics, which can be quicker than entering a password.

In today's digital age, with cyber threats continually evolving, MFA is a small but significant step towards ensuring that our online accounts and data remain secure.

Missing Link have a range of MFA technologies, so depending on your requirements or risk tolerance we have a solution to suit your needs. If you would like to discuss this or any other related topic, then please contact myself or one of the Missing Link team on or call 01257 473445 and we will happily guide you through all the pros and cons associated to such a technology.

Click here to download the file in pdf format

What types of managed services do you offer?

At Missing Link we often get asked this question and then a follow-up of why we are better than anyone else. We understand that In the digital age, businesses are more reliant than ever on technology. But not every company has the tech-savvy team to handle all their IT needs.

What are IT Managed Services?

In simple terms, IT managed services are outsourced tech solutions. Think of them as your external IT department. They handle everything from network management to cybersecurity, ensuring your business's tech runs seamlessly.

Key IT Managed Services Every UK Business Should Know About:

  1. Network Management:
    • What it is: Ensuring your business network runs without a hitch.
    • Why it's essential: A smooth network means no unexpected downtimes and efficient business operations.
  2. Cloud Services:
    • What it is: Helping your business utilise the cloud, from migration to daily management.
    • Why it's essential: The cloud offers secure data storage and easy access, making business operations more flexible.
  3. Cybersecurity:
    • What it is: Protecting your business from online threats.
    • Why it's essential: With cyber threats on the rise, ensuring your business's digital safety is paramount.
  4. Data Management:
    • What it is: Storing, backing up, and recovering your business data.
    • Why it's essential: Data is the heart of your business. Keeping it safe ensures your business's longevity.
  5. End-User Support:
    • What it is: Providing tech support to your employees.
    • Why it's essential: Happy employees mean a productive business.
  6. IT Consultancy:
    • What it is: Offering expert advice on your business's IT strategy.
    • Why it's essential: Stay ahead of tech trends and ensure your business is always at the forefront.
  7. Software-as-a-Service (SaaS) Management:
    • What it is: Managing and supporting your business's software applications.
    • Why it's essential: Ensure all your applications run seamlessly for efficient operations.

Why Should Your Business Consider IT Managed Services?

  • Cost-Efficiency: It can be cheaper than hiring a full-time in-house team.
  • Expertise on Tap: Access to a team of IT experts without the recruitment hassle.
  • Scalability: As your business grows, your IT needs will change. Managed services can adapt to your needs.
  • 24/7 Support: Day or night, there's always someone to help out with any tech issues.

In Conclusion

If you're a UK business, IT managed services could be the game-changer you've been waiting for. From ensuring your network runs smoothly to protecting your precious data, these services offer a comprehensive tech solution. So, why not consider outsourcing your IT needs and focus on what you do best - running your business!

If you would like to discuss this or any other related topic, then please contact myself or one of the Missing Link team on or call 01257 473445 and we will happily guide you through all the pros and cons associated to such a technology.

Click here to download the file in pdf format

Why do I need a new firewall, what’s up with the one I have?

Firewalls are an essential component of network security as they help protect your computer or network from unauthorised access and potential threats. If you already have a firewall in place, it's important to evaluate its effectiveness and determine whether upgrading to a new firewall is necessary. Here are a few reasons why you might need a new firewall:

Outdated technology: If your current firewall is outdated, it may not be equipped to handle the latest threats and security vulnerabilities. Hackers and malicious actors are constantly evolving their techniques, and newer firewalls often come with updated features and enhanced protection mechanisms.

Insufficient performance: As your network grows and more devices are connected, your existing firewall may struggle to handle the increased traffic. This can lead to performance issues, such as slow internet speeds or network congestion. Upgrading to a more powerful firewall can help ensure that your network operates smoothly and efficiently.

Advanced threat detection: Newer firewalls often incorporate advanced threat detection mechanisms, such as intrusion prevention systems (IPS), deep packet inspection (DPI), or behavior-based analysis. These features can identify and block sophisticated threats like malware, ransomware, or zero-day attacks more effectively than older firewall models.

Enhanced security features: Modern firewalls may offer additional security features that can provide better protection for your network. For example, they might include application control, content filtering, virtual private network (VPN) support, or secure remote access capabilities. Assess your specific security requirements to determine if these features would be beneficial for your network.

Compliance requirements: If you operate in an industry that has specific compliance regulations, such as healthcare (HIPAA) or finance (PCI DSS), you may need a firewall that meets those requirements. Upgrading to a new firewall that is compliant with the necessary regulations can help ensure that you adhere to the industry standards.

It's important to note that while firewalls are a crucial part of network security, they are just one component. A comprehensive security strategy may also involve other measures like antivirus software, regular security updates, user education, and network monitoring. Assessing your network's specific needs and consulting with a Missing Link specialist can help you determine whether a new firewall is necessary and which features would best suit your requirements.

Click here to download the file in pdf format