5 Steps to Secure Your Team’s Outlook Web App (OWA) Accounts


Our teams are relying on Outlook Web App and CRM in Outlook more and more to get their jobs done. This Microsoft technology is an email client, task manager, and calendar rolled into one. We have everything from confidential emails to financial information stored in this program.

This means that our OWA security is a top priority. One wrong move, and we could risk serious, even legal, liability if we lose customer or client information to a security breach.

So how do you keep OWA safe? These are the five best steps you can take to keep your Outlook Web App accounts secure.

Two-Factor Authentication

The first thing you should do is set up two-factor authentication.

Two-factor authentication is a feature that requires you to “authenticate” a sign in. This uses a secondary code sent to a phone or authenticator app to confirm that it is in fact you who are trying to log on.

Here’s how to set it up.

  1. Make sure to have two emails, a phone, and an authenticator app ready
  2. Head to the Security Basics page
  3. Log into your account
  4. Under Two-Step Verification you can set up two-step verification
  5. You can set it to either send the authentication code to your phone or authenticator app

With this feature set up, someone would have to physically have your phone in order to gain access to your OWA account. If you’re looking to implement 2FA at scale for an enterprise environment, solutions like LoginTC offer scalable solutions to do just that.

Whether you go through OWA’s settings, or a scalable external solution, 2 factor authentication is undoubtedly one of the best ways to keep your team’s OWA accounts secure.

Use Smarter Passwords

The next step is the second best way to stay secure.

Update your old passwords to something a little harder to guess. It’s also a good idea to change these passwords every now and then. Make sure to never use the same password twice and try not use too similar variations.

Using a password manager app can help you have more secure passwords without having to memorize them all.

Understand Your Security Threat Model

What is your OWA threat model?

Most companies don’t even have a threat model to begin with, so let’s start with what a threat model even is.

A cybersecurity threat model is a concept that originated in the Information Security arena. This basic idea is that each person, each company, and each organization face different security threats.

Think about it this way, your local mechanic’s shop isn’t going to have the same security threats as a multinational corporation. It also comes down to specifics. While both of those companies have different scales when it comes to their threats, they will also share some threats like having customer information stolen in a data breach.

Think about your team, your business, and your goals when coming up with your threat model. This will be the framework that you use to help make decisions about what to secure first and how to do.

Using OWA While Traveling 

Everyone now and then your team needs to hit the road. Whether they’re traveling outside the country for a big meeting or getting coffee in town, you need to keep your OWA accounts secure while on public Wi-Fi.

You could use a VPN for maximum security. This is a “virtual private network” and it masks all internet communications from prying eyes. It’s far and away the safest way to use public Wi-Fi.

Your team should also be ready to take more practical steps. These include making sure no one is looking when entering passwords and not leaving laptops unattended while out and about.

The Most Important Security Step Your Team Can Take

The biggest security risk any technology faces isn’t usually the program itself, but the human factor.

All of these security steps we’ve talked about so far won’t do much good if people either forget to use them or have unsafe online practices. Keep your team informed about emerging security threats, common email scams, and how to safely use OWA and you’ll rarely have to worry about security concerns.


Please enter your comment!
Please enter your name here