Cloud productivity security
Microsoft 365 Security Basics for Small Businesses
Microsoft 365 often holds the email, files, calendars, and collaboration tools a business depends on. A few practical checks can reduce risk and make the environment easier to support.
Turn on MFA
Multi-factor authentication makes it harder for someone else to sign in even if a password is guessed, reused, or stolen.
Review admin accounts
Admin access should be limited, protected with MFA, and checked for old users, former vendors, or unused accounts.
Check forwarding rules
Unexpected forwarding or hidden inbox rules can be a sign of mailbox compromise and should be reviewed.
Clean up access and sharing
Old users, shared mailboxes, distribution groups, OneDrive folders, and SharePoint links should be reviewed periodically. The goal is not to lock everything down blindly; it is to know who has access and why.
- Turn on MFA for users and admins.
- Remove old users and unused admin accounts.
- Review mailbox forwarding and suspicious inbox rules.
- Check shared mailboxes, groups, and external sharing links.
- Understand what is backed up and how recovery would work.
- Document important settings and vendor access.
Where Grant-Tech fits
Grant-Tech helps Chicago-area businesses with practical Microsoft 365 and Google Workspace support, account review, MFA setup, shared files, basic security settings, and backup planning.
Need help reviewing Microsoft 365?
If you are not sure who has access, whether MFA is set up well, or what is protected, Grant-Tech can help review the basics.