Office 365 Secure Score

Security Action Plan and Secure Score

Microsoft have put a lot of effort in to improving the security of Office 365 tenants, but the onus is on the end user to implement the changes.

Office 365 tenants now receive a security score that provides a numerical indication of the security level for your implementation. This score is accessed from within the Security and Compliance Centre.

The maximum score varies but is typically between 700 and 800 and we will often see companies score between 50 and 100 and the average is only 37 which shows how much work is required. There is a law of diminishing returns within this system that means once the low hanging fruit has been picked it becomes increasingly more difficult and expensive to improve the score.

Microsoft provide a useful comparison with similar sized companies so that you can judge how you are doing. In the example below we can see that the Secure Score for this tenant is much higher than the average for similar sized and industry companies. We can see from the average score of 37 this tenant is at a much higher level but can still be improved.

A detailed action plan is given by Microsoft; however, this is not a simple tick box exercise, it does require a high level of knowledge to implement some of these changes.

Immediate Changes

With such a long check list in the Secure Score it will not be an instant fix, and some of the actions we would recommend are outside of the Office 365 tenant. A good starting point of actions are listed below:

1. Implement a training program to educate your employees on the risks, this could include some phish testing where emails are sent in and the users receive training on how to spot these emails and the appropriate actions to take.
2. Implement additional layers of filtering, start removing the number of emails that your employees receive and reduce the risk immediately. We have found that the Mimecast filtering service provides an excellent level of filtering.
3. Increase the security of your employee’s authentication process by implementing Multifactor authentication. This is one of the best methods for instantly reducing the risk, there are always barriers to overcome with this such as the employees not having company mobile phones to run the authenticator app. We have many options for overcoming these barriers.
4. Monitor unusual logon activity and setup alerting.
5. Monitor unusual forwarding rules and changes in mailbox access.

If you unsure on how to implement these changes then call us on 02392 482556 and let us help you with these tasks.