Back

Getting Started With Office 365 Secure Score

Check out our video demo on Managing Secure Score. Office 365 and Azure portal products have built-in security. Did you know Microsoft recommends using Office 365 Secure Score to further protect your Office 365 and Azure...

4 min read
Published on May 9, 2017
Office 365 Secure Score Guide

Check out our video demo on Managing Secure Score.

Office 365 and Azure portal products have built-in security. But did you know Microsoft recommends using Office 365 Secure Score to further protect your Office 365 and Azure portal?

Most security experts will tell you the only secure network is the one not connected to the Internet. But no matter how many great programmers and security experts Microsoft hires, hacker will always find ways to exploit vulnerabilities.

(Need immediate help with Office 365? Get started with Office 365 consulting today.)

Are Office 365 and Azure Secure?

Out of the box, Office 365 and Azure have strong security and spam filtering already activated. However, Microsoft leaves some items intentionally unconfigured so organizations can customize their portals as needed. Some security features built into Office 365 include:

  • Auditing and logging of all data transactions
  • Internal cybercrime team
  • Design and operational security
  • Encryption (data at rest)
  • Identity and access management
  • Physical network security
  • Data threat management
  • And more.

What Is Office 365 Secure Score?

Office 365 Secure Score is a numerical scoring system that analyzes configuration information from your Office 365 and Azure portal and compares the data to security criteria. The service then provides best practices for securing your tenant based on that score.

Here’s how Office 365 Secure Score works:

  • Analyzes your Office 365/Azure tenant to give you a list of best practices and recommendations to secure your data.
  • Provides information on threats that can happen if you decide not to implement the suggested recommendation.
  • Assigns a numerical score to each recommended item so you can easily see how your score compares to the maximum score Microsoft recommends for your tenant. The values range from 0 to 483 depending on the options and licensing in your tenant.
  • Most companies should aim to have a score of between 200-300 (at minimum) depending on compliance requirements.

Microsoft intentionally leaves many security options unconfigured, so you need to verify the Office 365 Secure Score security options are right for your organization. Microsoft’s security recommendations for Office 365/ Azure Tenants fall into three main categories:

  • Account – Account Access and Security
  • Data – Data Access and Security
  • Device – Device Access and Security

In modern organizations, data is king; securing your information is the most important thing you can do. Beyond stolen information, your organization can also be liable for damages to its customers, shareholders and much more. Securing your data while enabling employee access to do their work can be a juggling act.

Just a few things you should consider about accessing your data in today’s workforce:

  • There are more people traveling for work.
  • More people work remotely from home than ever before.
  • Employees access data from multiple device types and models.
  • New vulnerability exploits are discovered every day.

How Can I Get Office 365 Secure Score?

Office 365 Secure Score is available with all Office 365/Azure licenses. To access Office 365 Secure Score, navigate here. (Know that you must have admin permissions to use the service.)

Before implementing Secure Score recommendations, you should consider:

  • Industry/regulatory data compliance needs: Many industries require data be secured using information rights management.
  • Internal & external data access needs: Many organizations are required to limit how data is accessed internally and externally.
  • Internal and external data sharing needs: Many organizations are required to block sharing of information to avoid data breaches.
  • End user impact after changes: Security is a balance between securing data access and not hindering productivity. Maintaining a balance while minimizing the impact on users is the goal of every security professional.

Planning and testing will make or break the implementation of recommended actions — helping you avoid big issues for end users. Many of the recommended actions are simple enough to enable or review, but we recommend that you work with an experienced Microsoft partner if you need guidance on creating recurring workflows based on your Secure Score ranking to protect your data.

This is especially important when implementing certain recommended measures such as:

  • Enabling multi-factor authentication for all users: This may be great for some organizations but a disaster for others.
  • Staying active in monitoring system activities and making sure to view weekly audit reports.
  • Determining whether to require mobile devices to use encryption in your organization.
  • Determining whether to set expiration times for external link sharing.

Implementing security measures will affect the day-to-day for your employees. You need to know how these measures might disrupt their daily productivity.

Working with a partner that can help you plan each step of the way will save you time and headache. Agile IT is a trusted Microsoft Gold Partner with 15 Gold competencies. Our Office 365 and Azure consultants can help you with the following:

  • Office 365 Secure Score Planning
  • Office 365 Secure Score Testing
  • Office 365 Secure Score Configuration
  • Office 365 Secure Score Monitoring
  • Office 365 Secure Score Reporting & Generating Evidence for Compliance

Need help setting up Secure Score or have other Office 365 consulting needs? Schedule a free consultation here to learn how our cloud experts can help, or request a quote:

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

Understanding the GCC High Validation Process

Understanding the GCC High Validation Process

Learn how Microsoft validates organizations for GCC High, including eligibility requirements, documentation, and approval timelines for secure cloud access.

Sep 3, 2025
8 min read
Azure Backup Features and Advantages | Data Protection Guide

Understanding Azure Backup: Features and Advantage

Explore the key features and benefits of Azure Backup, including secure cloud-based recovery, policy automation, and compliance-friendly storage.

Sep 2, 2025
6 min read
How to Obtain GCC High Licenses for Your Organization

How to Obtain GCC High Licenses for Your Organization

Learn how to obtain GCC High licenses for your organization. Understand eligibility, required documentation, and Microsoft’s validation process for secure government cloud use.

Sep 1, 2025
7 min read
Top CMMC Assessment Checklist Resources

Top 7 CMMC Assessment Checklist Resources

Explore the top CMMC assessment checklist resources to prepare for compliance. Learn what tools, templates, and guides can streamline your certification journey.

Aug 28, 2025
6 min read
Cloud Backup Solutions for Microsoft 365 | Benefits & Protection

Benefits of Implementing Cloud Backup Solutions for Microsoft 365

Learn the key benefits of cloud backup for Microsoft 365, including enhanced data protection, compliance support, and recovery from cyber threats.

Aug 27, 2025
6 min read
CMMC Level 3 Security Controls: Understanding NIST 800-172

Understanding NIST 800-172 Enhanced Security Controls for CMMC Level 3

Learn how NIST 800-172 enhances CMMC Level 3 compliance with advanced security controls for protecting CUI against sophisticated cyber threats.

Aug 27, 2025
7 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation