With new threats evolving it can be challenging for your organisation to stay protected. It’s time to review your security position with the Microsoft Secure Score.
First things first, what is Microsoft Secure Score?
It’s a security analytics tool to give you better visibility of your security configuration and the security features available. It applies a numerical score to custom security that outlines the action that can be taken to improve that configuration.
This tool analyses your Office or Microsoft 365 environment in terms of how secure it is and suggests refinements that can further reduce your overall risk.
Secure Score helps you understand the extent to which you have a robust security configuration. It also informs you about behaviours and best practices to have inside your Office 365 subscriptions.
Where can I find my Secure Score?
It can be found at https://security.microsoft.com/securescore in the Microsoft 365 security center. Login to Microsoft Secure Score with a user that holds administrative roles, such as user admin or security admin. What’s best is you don’t need to set anything up in order to view your Office 365 score. It’s instantly available.
How does it work?
Secure Score determines what services you’re using (OneDrive, Azure, SharePoint, etc.). It looks at your settings and activities and compares them on a baseline established by Microsoft. You’ll get a score based on how you are aligned with security best practices.
What does my score mean?
Within your dashboard, you’ll be able to view your Office 365 Secure Score, and how you compare against the industry average. Alongside this, you’ll be presented with a target score you can alter depending on how quickly you’re aiming to increase security within Office 365.
As a rule of thumb, if your Overall Score is below 50% we would recommend immediate action. We would expect to see a score of over 75%
The next step is to prioritise the updates and improvements that are the most essential to your business, and Microsoft will walk you through this. Some examples of remediation items are:
- Ensure all users can complete multi-factor authentication for secure access (9 points)
- Require MFA for administrative roles (10 points)
- Conditional access
If you have an internal IT department, they may decide to manage changes. Alternatively, if you work with an external IT support partner, let them know you’ve reviewed your Secure Score and ask them to get involved with the change process.
Also work out how long it will take to implement these changes. You want to keep disruptions to a minimum and ensure business as usual wherever possible, so look at staggering the updates through the various departments within the business or updating servers at the weekend.
If you would like to discuss your Secure Score and how to improve it, or have any other questions please feel free to get in touch with us here at aFinite. You can arrange a meeting with one of our team here, just choose the time that best suits you below.
Book a meeting to discuss your Secure Score