Cybersecurity
Email Security Hardening for Microsoft and Google Workspaces
A focused hardening checklist for business email environments to reduce phishing, spoofing, and account takeover risk.
Enforce identity security baselines
Email security starts with identity hardening. Require MFA and disable legacy authentication.
Reduce admin exposure by minimizing privileged accounts.
Action checklist
- Require MFA for all users and admins.
- Disable legacy and basic auth methods.
- Apply least-privilege admin roles.
Configure SPF, DKIM, and DMARC
Authentication records protect your domain from spoofing and improve mailbox trust.
Move gradually from monitor mode to enforcement.
Action checklist
- Publish valid SPF for approved senders.
- Enable DKIM signing for outbound mail.
- Set DMARC policy and review reports.
Tighten inbound protection policies
Modern threat controls can block suspicious links, attachments, and impersonation attempts.
Tune policies based on observed false positives and threat patterns.
Action checklist
- Enable advanced anti-phishing protections.
- Block risky attachment types.
- Enable safe link rewriting or detonation where available.
Monitor and respond to anomalies
Continuous monitoring catches suspicious login and mail-flow anomalies early.
Define response actions for compromised mailbox scenarios.
Action checklist
- Enable alerting for impossible travel and suspicious sign-in.
- Audit forwarding rules regularly.
- Document mailbox compromise response steps.