top of page

Security Hygiene: Fundamentals from the Microsoft Digital Defence Report 2023

Updated: Nov 13, 2023

As a proud Microsoft Partner, we are continuously looking for ways to better improve our customers' security posture, being well-supported by the backing of Microsoft's comprehensive security portfolio. As cyber resilience and its baseline requirements evolve alongside the sophistication of threats, understanding how best to protect your organisation can be a challenge.

The Microsoft Digital Defence Report 2023 details the current landscape of security, stating that

Over 99% of attacks can be protected against by improving security hygiene practices.

Check out some of the key focus points for improving your organisation's security hygiene from the report, below.

Microsoft's 5 Key Minimum Security Hygiene Standard Practices

1. Enable multifactor authentication (MFA)

This protects against compromised user passwords and helps to provide extra resilience for identities.

2. Apply Zero Trust principles

The cornerstone of any resilience plan is to limit the impact of an attack on an organisation.

These principles are:

Explicitly verify. Ensure users and devices are in a good state before allowing access to resources.

Use least privilege access. Allow only the privilege that is needed for access to a resource and no more.

- Assume breach. Assume system defences have been breached and systems may be compromised. This means constantly monitoring the environment for possible attack.

3. Use extended detection and response (XDR) and anti-malware

Implement software to detect and automatically block attacks and provide insights to the security operations software. Monitoring insights from threat detection systems is essential to being able to respond to threats in a timely fashion.

4. Keep up to date

Unpatched and out of date systems are a key reason many organisations fall victim to an attack. Ensure all systems are kept up to date including firmware, the operating system, and applications.

5. Protect data

Knowing your important data, where it is located, and whether the right defences are implemented is crucial to implementing the appropriate protection.

According to Viatel Technology Group's Microsoft Practice Director, Finian Nally, now more than ever all organisations, big and small, need to have a constantly improving mindset around security and move into cyber resilience mode.

"The goal posts continue to move and organisations need to think more about how their devices, locations, staff, key systems and data are protected in real time. Day by day protections like modern policy enforced Multi Factor Authentication (MFA) are now basic requirements for every user in every organisation."

Finian Nally

Microsoft Practice Director,

Viatel Technology Group

The Power of Partnerships

Ensuring that your business is protected is critical but it's not a journey that needs to be taken alone. While implementing the above fundamentals is a great step in the right direction, working with a partner to guide you on some of the key decisions in this ever-changing landscape is invaluable.

If you would like to explore more about these security hygiene practices or need some guidance on how best to improve your organisation's cyber security, contact us today by emailing and one of our cyber security experts will be in touch.


bottom of page