Getting Started With Office 365 Secure Score

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Check out our video demo on Managing Secure Score.

Office 365 and Azure portal products have built-in security. But did you know Microsoft recommends using Office 365 Secure Score to further protect your Office 365 and Azure portal?

Most security experts will tell you the only secure network is the one not connected to the Internet. But no matter how many great programmers and security experts Microsoft hires, hacker will always find ways to exploit vulnerabilities.

(Need immediate help with Office 365? Get started with Office 365 consulting today.)

Are Office 365 and Azure Secure?

Out of the box, Office 365 and Azure have strong security and spam filtering already activated. However, Microsoft leaves some items intentionally unconfigured so organizations can customize their portals as needed. Some security features built into Office 365 include:

  • Auditing and logging of all data transactions
  • Internal cybercrime team
  • Design and operational security
  • Encryption (data at rest)
  • Identity and access management
  • Physical network security
  • Data threat management
  • And more.

What Is Office 365 Secure Score?

Office 365 Secure Score is a numerical scoring system that analyzes configuration information from your Office 365 and Azure portal and compares the data to security criteria. The service then provides best practices for securing your tenant based on that score.

Here’s how Office 365 Secure Score works:

  • Analyzes your Office 365/Azure tenant to give you a list of best practices and recommendations to secure your data.
  • Provides information on threats that can happen if you decide not to implement the suggested recommendation.
  • Assigns a numerical score to each recommended item so you can easily see how your score compares to the maximum score Microsoft recommends for your tenant. The values range from 0 to 483 depending on the options and licensing in your tenant.
  • Most companies should aim to have a score of between 200-300 (at minimum) depending on compliance requirements.

Microsoft intentionally leaves many security options unconfigured, so you need to verify the Office 365 Secure Score security options are right for your organization. Microsoft’s security recommendations for Office 365/ Azure Tenants fall into three main categories:

  • Account – Account Access and Security
  • Data – Data Access and Security
  • Device – Device Access and Security

In modern organizations, data is king; securing your information is the most important thing you can do. Beyond stolen information, your organization can also be liable for damages to its customers, shareholders and much more. Securing your data while enabling employee access to do their work can be a juggling act.

Just a few things you should consider about accessing your data in today’s workforce:

  • There are more people traveling for work.
  • More people work remotely from home than ever before.
  • Employees access data from multiple device types and models.
  • New vulnerability exploits are discovered every day.

How Can I Get Office 365 Secure Score?

Office 365 Secure Score is available with all Office 365/Azure licenses. To access Office 365 Secure Score, navigate here. (Know that you must have admin permissions to use the service.)

Before implementing Secure Score recommendations, you should consider:

  • Industry/regulatory data compliance needs: Many industries require data be secured using information rights management.
  • Internal & external data access needs: Many organizations are required to limit how data is accessed internally and externally.
  • Internal and external data sharing needs: Many organizations are required to block sharing of information to avoid data breaches.
  • End user impact after changes: Security is a balance between securing data access and not hindering productivity. Maintaining a balance while minimizing the impact on users is the goal of every security professional.

Planning and testing will make or break the implementation of recommended actions — helping you avoid big issues for end users. Many of the recommended actions are simple enough to enable or review, but we recommend that you work with an experienced Microsoft partner if you need guidance on creating recurring workflows based on your Secure Score ranking to protect your data.

This is especially important when implementing certain recommended measures such as:

  • Enabling multi-factor authentication for all users: This may be great for some organizations but a disaster for others.
  • Staying active in monitoring system activities and making sure to view weekly audit reports.
  • Determining whether to require mobile devices to use encryption in your organization.
  • Determining whether to set expiration times for external link sharing.

Implementing security measures will affect the day-to-day for your employees. You need to know how these measures might disrupt their daily productivity.

Working with a partner that can help you plan each step of the way will save you time and headache. Agile IT is a trusted Microsoft Gold Partner with 15 Gold competencies. Our Office 365 and Azure consultants can help you with the following:

  • Office 365 Secure Score Planning
  • Office 365 Secure Score Testing
  • Office 365 Secure Score Configuration
  • Office 365 Secure Score Monitoring
  • Office 365 Secure Score Reporting & Generating Evidence for Compliance

Need help setting up Secure Score or have other Office 365 consulting needs? Schedule a free consultation here to learn how our cloud experts can help, or request a quote: