So, you’re an O365 customer. That’s great news. The Microsoft productivity suite can not only help your team perform their roles more efficiently and effectively, but also allow you to manage your data and information flow more securely. How? By effective security administration and reporting using Microsoft Secure Score
One tool that’s part of the O365 security offering is Microsoft Secure Score.
What is Microsoft Secure Score?
Microsoft Secure Score (formerly known as Office 365 Secure Score) is a rating of your organisational security in across two products: Office 365 services and Windows 10.
It’ll look something like this:
Tip: You’ll only have the Windows 10 Secure Score if you have Windows Advanced Threat Protection.
You can liken your combined Microsoft Secure Score (and subcategorized Office 365 Secure Score and Windows Secure Store) to a credit rating. It will give you a number rating out of a total number of security points so you can see how up to scratch your security is – or isn’t!
Is my Secure Score acceptable?
You’ll easily be able to determine the ratio of security points you’ve already covered, to security features overall. Trying to achieve a perfect score is, like a credit score, a little unattainable. But then how high a score is high enough?
One of the benefits of the Secure Score tool is being able to compare yourself with organisations of a similar size, organisations in the same industry, and overall. This can give you some idea of where you sit.
However, just because you’re outpacing the average O365 customer, doesn’t mean that you shouldn’t check over where your security issues lie – those extra points that can boost you to 100%.
There’s also the capability to view your Secure Score over time. You’ll be able to check whether it’s increasing, staying stable, or decreasing. It’s particularly important to address security if your Secure Score appears to be falling.
Actions to Increase Your Secure Score
When investigating your Secure Score further, you’ll see the ability to set a target score that you’d like to achieve. Once you set a target score for your organisation you’ll then be given a list of queued actions to take that will allow you to achieve this score. These queued actions can be filtered by types such as user impact, implementation cost, and control type.
For each of these security actions, there is a clear guide to implementation described, as well as the threats involved when you don’t have it implemented. You’ll also be able to find out what impact the action will have on your users.
Once you’ve implemented security actions, your Secure Score will update the next day. Use the Secure Score tracking over time functionality to check how you’re doing and generate reports for stakeholders.
Who can use Secure Score?
Secure Score is only available for O365 administrators that you grant access. As a security-conscious organisation, you’ll need to periodically review your list of allowed administrators to ensure they still need to have access.
For O365 organisational administrators, Secure Score can be accessed directly through securescore.microsoft.com.
Other security tips
Microsoft also gives us a few security tips that can help boost your information security:
- Always use multi-factor authentication (i.e. not just a password, but a notification or SMS)
- Use Office 365 Cloud App Security (available with the E3 Enterprise package or as an add-on)
- Configure Office 365 Mail for security (with anti-spam and malware filters, etc.)
- Switch on mailbox audit logging
- Enable Data Loss Prevention
The other thing to keep in mind is that creating a security-conscious atmosphere within your team is some of the best defences against security threats. After all, there is great power in knowledge! Implementing security talks and updates, and including security news in newsletters, etc. can go a long way to creating this type of security culture.
If you’d like more guidance in O365 security for your business or need a hand setting things up with the best configuration, then why not get in contact with us at A1 Technologies. We’re a proud Microsoft Partner and know all the ins and outs of organisational O365 implementations.
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- When you’re thinking about converting your legacy systems to G Suite or Office 365, one of the most important bullet points on your...
- Whaling Attacks and How to Prevent Them A whaling attack is a clever little play on words that has its roots in phishing....
- With 2020 mere moments away, it’s suffice to say that every business needs a video conferencing solution. Whether you are a small business...