Microsoft 365 (formerly Office 365) is used by more than half of the offices around the world. And as with any popular program, hackers are searching for vulnerabilities in order to breach it and get into your network and devices.
How secure is your Microsoft 365 (formerly Office 365) deployment?
The applications within Microsoft 365 (formerly Office 365) contain several settings that can increase overall security, but many users aren’t aware of some of them or aren’t aware of how much they can boost their IT security overall.
The Microsoft 365 (formerly Office 365) Secure Score is a tool that Microsoft developed for business users to test how secure their deployment of the Microsoft 365 (formerly Office 365) applications is and give them suggestions for improving security. If you’re using Microsoft 365 (formerly Office 365) at your organization, this is a tool you’ll definitely want to use.
At Twin State Technical Services, our IT security team works with businesses in the Quad City area on cybersecurity and helping them prevent costly data breaches. Client education about good security practices and knowing the tools they can use to enhance security are an important part of our efforts to be a great IT partner.
The Microsoft 365 (formerly Office 365) Secure Score API launched about 2 years ago, in February of 2017, but many Microsoft 365 (formerly Office 365) businesses users don’t know about this free tool or aren’t sure how to use it.
We’ll give you all the details below on how to use it, what it does, and why it’s important for your organization to use it to enhance your data security.
Microsoft 365 (formerly Office 365) Security Score Explained
When you first begin using Microsoft 365 (formerly Office 365) “out of the box” you might think that everything just defaults to the best security settings, but that’s not the case. There are 77 different security factors in Microsoft 365 (formerly Office 365), with settings that can vary according to an organization’s workflows and preferences.
The security score tool evaluates each of these security factors to arrive at an overall score and provide you with suggestions for improving that score and your IT security.
Where to Access the Microsoft 365 (formerly Office 365) Security Tool
You can access the security tool from the following places:
- A widget on the home page of the Microsoft 365 (formerly Office 365) Security and Compliance Center
Users must be assigned one of the following roles to gain access to Microsoft 365 (formerly Office 365) Security Score:
- Global Administrator
- Billing Administrator
- User Administrator
- Password Administrator
- Security Administrator
- Security Reader
- Exchange Administrator
- SharePoint Administrator
What Does this Security Tool Tell Me?
The Secure Score tool will first determine which services you’re using on Microsoft 365 (formerly Office 365) (OneDrive, Exchange, etc.), then it will scan your settings and compare those to a Microsoft baseline. It will show you your score as compared to the baseline and let you know where security improvements can be made.
Photo credit: Microsoft.com
Examples of Security Improvements
One of the best features of the tool is that it gives you actionable recommendations for improving your Microsoft 365 (formerly Office 365) security based upon your current settings and applications that you’re using.
An example of the types of security recommendations that the tool might make are:
Enable MFA for all users (or all global admins)
Multifactor-authentication (MFA) adds an important layer of security to your logins and protects your company from a breach should a password be hacked or stolen.
Once enabled, users will receive a prompt to set up MFA, typically by giving a mobile phone number to which an authentication code can be texted at the time of login.
Enable mailbox auditing for all users
When mailbox auditing is enabled, any new mailbox created for a new user will default to it being on. This allows certain actions by mailbox owners, delegates, and administrators to be automatically logged and mailbox audit reports to be available for them.
Review sign-ins after multiple failures report weekly
This particular action is not scored, and the Security Score tool will note that when it makes a recommendation. But it can be a helpful report to receive that lets you know if someone is trying to breach a password by making several unsuccessful attempts.
Secure Score Analyzer
Each security improvement you implement is cataloged, and you can use the Secure Score interface to see your security score over time, the actions taken, and how it compares to the baseline.
Photo credit: Microsoft.com
Why Use Microsoft 365 (formerly Office 365) Secure Score?
This tool can help you improve an important part of your office IT security for your Microsoft 365 (formerly Office 365) applications, which are typically a large part of the cloud-based infrastructure being used in an organization that utilized Microsoft 365 (formerly Office 365).
“Customers who are using Secure Score have seen their score increase five times more than customers who aren’t using it.” – Microsoft
The tool is free for all Microsoft 365 (formerly Office 365) Business subscriptions, so there’s no additional cost and the security suggestions it makes can potentially make a big difference in your organization’s ability to avoid a data breach or security incident.
Get a Full Network Vulnerability Scan from Twin State Technical Services
Ensure your network security is strong by going a step farther than the Microsoft 365 (formerly Office 365) platform and having a full network vulnerability scan. Twin State Technical Services does a full internal and external scan to locate any weaknesses and make recommendations to address them.
Schedule yours today by calling us at 563-441-1504 or reaching out online.