“The Secure Score is calculated using points given to configuring recommended security features, undertaking security related tasks and addressing improvement actions as noted.”
Did you know there is a very quick way to find out?
Microsoft provides a ‘Secure Score’ as part of your O365 tenant, which gives a representation of your company’s tenant security posture.
Office 365 (renamed Microsoft 365 for some in April 2020) is a cloud-based subscription model version of Microsoft’s popular productivity suite Microsoft Office. It’s used by 1.5bn people worldwide making it one of the most popular software suites.
As with any cloud or data product, your Office 365 tenant comes with a security risk. Some say the huge name of Microsoft makes it a target but security is a huge driving factor for the company. They include a service level agreement with a 99.9% uptime guarantee with every Office 365 subscription. That’s a high guarantee.
Just last month (March 2021) Microsoft created a dedicated portal for Microsoft 365 security tools. This is where you can find the free tool to assess your security risk.
How Safe is my Office 365 tenant?
Office 365 Secure Score analyses your organisation’s security based on your regular activities and security settings and assigns a score.
Adjusting some tenant-wide settings will increase your score. The goal is not to achieve the max score, but to be aware of opportunities to protect your environment that do not negatively affect productivity for your users.
To access Microsoft Secure Score, you must be assigned a particular role for either read only or read and write access.
Why should I improve my office 365 tenant secure score?
Microsoft will make recommendations to you to increase your score and decrease your security risk. This can protect your company from both internal and external threats.
The Secure Score is calculated using points given to configuring recommended security features, undertaking security related tasks and addressing improvement actions as noted.
Some improvement actions only give points when fully completed and some give partial points if completed for only certain devices or users.
If you can’t or don’t want to action one of the improvement actions suggested then you can choose to accept that risk.
Currently there are recommendations for the following products included the Secure Score:
- Microsoft 365 (including Exchange Online)
- Azure Active Directory
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Cloud App Security
- Microsoft Teams
The recommendations won’t cover all the attack surfaces associated with each product, but they are a very good baseline and method of securing your Office 365 tenant further.
Many of the recommendations made can have an impact on how your O365 tenant operates and so need to be consider carefully.
If you need help with your security recommendations, IT Naturally can help you assess the business impact and ensure they are correctly configured to minimise any associated risks.