Customizing Your Office 365 Portal

If you belong to an organization that has not customized its Office 365 portal, you will undoubtedly find the above graphic very familiar.  It is the generic landing page where you enter your credentials in order to gain access to Office 365 and its many features and applications.

Microsoft is adding functionality to Office 365 to improve security and as a part of this effort has introduced a new interface to the portal.  Your log in experience now will be a little different – this is something you will need to get used to since it will be the new normal by the end of October 2017.  The new screen will now look like the following:

Unfortunately, the familiarity of the current generic portal landing page has sparked the interest of many bad actors lately.  Phishing campaigns trying to get credentials for Office 365 have been on the rise, and will probably only get worse with these changes, which is why you should really consider customizing your portal sooner rather than later.

Microsoft published a TechNet article that does a good job outlining the various areas where customization can take place and their placement on the screen as well.  This illustration uses the current (soon to be old) portal as an example of three simple changes you can make:

In this example, Image 1 needs to be a JPG or PNG with the image dimensions of 1920 x 1080 px and a file size less than 300kb.  This image should be something identifiable to your organization and readily familiar to your employees.

Image 2 is typically either a graphic of your organization’s name or your company logo with tag line.  This image needs to be a transparent JPG or PNG with a maximum height of 36 px and maximum width of 245 px.  The reason it should be transparent is that it will appear in other areas of the Office 365 portal and may be in front of a colored background.

The third area highlighted on the page is where you would add free form text.  It can only be 256 characters and might be something like: “For assistance call the help desk”… or a disclaimer: “For official employee use.” Many places leave it blank, but this could be utilized to remind employees of the help desk number or other items of note.

Here is an example of the portal for Peters & Associates with the associated numbers for each image and text placement:

This TechNet article describes and labels all of the areas available for customization: https://support.office.com/en-us/article/Add-your-company-branding-to-Office-365-Sign-In-page-a1229cdb-ce19-4da5-90c7-2b9b146aef0a

This additional article does a good job in outlining where and how you can accomplish the portal branding: https://docs.microsoft.com/en-us/azure/active-directory/customize-branding

While branding won’t thwart all attempts at phishing, it should help prevent the drive-by phishing attacks that make use of the generic portal images and will also give your organization a more professional look. When you do customize the end-user experience, it is also important to communicate the changes so employees know what they should see when they go to log in.

If you want to learn more about customizing the sign in page or other security considerations for your organization, contact us at info@peters.com. We’re happy to help!

By |2018-12-18T12:09:49-05:00November 8th, 2017|Security Solutions|Comments Off on Customizing Your Office 365 Portal

About the Author:

As the Information Security Architect at Peters & Associates, Thomas Johnson (TJ) is responsible for providing security and compliance leadership. This includes such areas as vendor management, disaster recovery, business continuity, data protection, security products, budgeting and risk management. He has over 25 years of experience in security and technology and has extensive compliance related expertise in banking and healthcare. TJ holds many security related certifications as well as a Master’s Degree in Information Technology Management with a specialization in Information Security from the Illinois Institute of Technology in Technology. TJ focuses on Security Leadership, Risk Management, Information Security Assessments, Compliance Management and DR / BCP.