Using Secure Score to harden your Office 365 tenant security

by | Jan 12, 2018 | Security | 0 comments

Security. We’re inundated (and blindsided) with media horror stories on a daily basis about lapses and compromises in cloud security. In our jobs, in online banking, our personal email…we just can’t get away from or ignore it. But what really makes something secure? Is our corporate and personal data ever really 100% secure?

To be honest, we just want to use our stuff.  We don’t want to have to worry about or learn new, sometimes complicated, features for a possible threat that may not even happen to us directly. And how do we make our environment secure in a way that we can comprehend and manage, that won’t be intrusive or inhibiting to our process flows? Unfortunately, as our identities and intellectual virtual property become more and more integrated with public domain, so does the increased chance(s) of those being stolen and used with nefarious intent.

Fortunately, Microsoft has come out a new tool called Secure Score that can help lessen the burden of having to figure out the ‘under the hood’ mechanics of making something secure, while still providing us with that warm and fuzzy feeling from knowing we’re doing what we can to make it harder to be preyed upon and victimized. Secure Score is part of your subscription to Office 365.

 Key Features

Secure Score helps with analysis of your Office 365 security settings and activities and assigns a score based on your profile. Some key features include:

  • A Dashboard tab that has the look and feel of a credit score report from the credit bureaus, offering familiarity and comfort with both navigation and easy comprehension of the information presented. This includes:
    • A target score with a sliding scale that increases the number and complexity of tasks needed to improve the overall score based on its level
    • A risk assessment that reports the various threats that could be mitigated with the recommended actions being implemented
      • Examples of threats:
        • Account Breach – an account in your tenant is breached such that it can be used by an attacker to interact either with resources in Office 365, or with your on-premises infrastructure.
        • Elevation of Privilege – an attacker has managed to compromise one or more accounts in your tenant, and is now working to increase their power.
        • Data Exfiltration – an attacker has found a way to move data out of your tenant.
      • The Dashboard tab action item queue offers recommendations and their relative scores to improve tenant security and overall secure score. It includes explanations of the tasks being recommended for environment owner evaluation and determination.
        • Example of recommended action items:
          • Enable MFA for all global admins
          • Enable MFA for all users
          • Enable Client Rules Forwarding Block
          • Set outbound spam notifications
          • Enable mailbox auditing for all users
        • Score Analyzer tab offers a time-based line chart of comparison with your tenant score vs the Office 365 average score to provide historical reference to changes in score for your tenant. If any recommendations were implemented it also shows how those impacted the score.

Sounds great! How do we do it? Very simple. Go to your browser, type in the following URL (using your Office 365 Global Admin credentials that authenticate you to your tenant):

The image above shows a sample of the overall score reported and then proceeds with the recommendations to improve the security of your environment.  As noted in the key features section of this blog, on the dashboard tab you can use the sliding the scale to change your target score.  This can help you decide how aggressive you would like to be in changing the environment to increase the score/strengthen the security. Below is an example of how sliding the scale to increase the target score impacts the number of actions as well as the levity of those actions to achieve the increased score:

Sliding the scale to increase the target score increases the number of actions in the queue:

Keep in mind as the changes become more aggressive, so does the potential for increased end user visibility with those changes.  For example, implementing Multi Factor Authentication or MFA, for all users would change their login experience by requiring them to use their phones for their authentication procedure.

At the bottom right of the Secure Score dashboard tab, there is also a link to an online community to seek advisement on improving the secure score.  It offers the ability to ask questions and search for answers:

Sound enticing? Need more information? Email We are happy to help. Thanks for reading and good luck!