Month of October
The month of cozy fall evenings, 🍂
The month of Halloween, 🎃

And most importantly, the month of Cybersecurity Awareness! 🛡️

After 2 successful years of helping Microsoft 365 admins with our series on:

We’re back and ready with a new approach this year!

The theme for Cybersecurity Awareness Month 2024 is going to focus on something different, a fresh perspective: Secure Scores in Microsoft 365.

Sure, we know some sysadmins bash on the Secure Score as just a sales pitch from Microsoft—but there is more to it than meets the eye! If you have not explored its full potential yet, that is exactly what we will do.

Is Microsoft Secure Score Really a Sales Pitch?

The ‘secure score recommendations based on assessments’ sound like a great help from Microsoft, right? And they definitely are! 💯But many people online seem to buzz a lot, a few are:

  • Most security features recommended are only available with higher-tier licenses and are locked behind a price barrier!
  • Can you only increase your Microsoft Secure Score if you buy more advanced licenses?
  • Secure Score is merely a marketing tool – a “sales pitch” to upsell Microsoft products.
  • Some even argue that Secure Score is more about pushing Defender products—like Defender for Office 365, Identity, and Endpoint protection—than genuinely improving your security.
  • Many believe that to boost your score, you might take actions that could even be counterproductive.
Secure Score Recommendations Talk in Reddit

Microsoft Secure Score – A Free Security Assessment Tool:

Microsoft Secure Score is all about how you see and use it. 😌At its core, Microsoft Secure Score is a security monitoring tool, dashboard, or portal – however you want to refer to it!

It’s free, easy to use, and a great starting point for Microsoft 365 security audits. Here’s what it does:

✅Evaluate your organization’s security posture,
✅ Gives a snapshot of your overall security health,
✅ Calculate a score based on the protocols you’ve implemented,
✅ Shows you exactly how secure your organization is.
🔥It also offers ‘Actionable Recommendations’ to boost your security and score.

The recommendations update over time, so even if you’re not keeping up with the latest security practices, Secure Score can guide you on what to improve.

One more thing: A good Secure Score is often requested for Cyber Insurance, so it’s worth paying attention to! 😉

Focus on Recommendations, Not the Score:

At AdminDroid, we suggest using Secure Score wisely:

  • Focus less on the score itself but more on the recommendations it suggests!
  • Review the Secure Score recommendations, prioritize the ones that are most relevant to your organization, and decide if they’re worth the upgrade for your setup.
  • Not every recommendation will fit your Microsoft 365 environment; always balance security with usability.

Ultimately, we say: Act on the recommendations, not the score!

It’s just a number! Don’t feel so INSECURE about your SECURE SCORE. 💯

Cybersecurity Awareness Month Series – 2024

Now, let’s jump into our plan for this series! The end goal is not to chase the highest secure score but to increase security standards by selectively implementing recommendations tailored to your licenses, size, and specific needs.

We at AdminDroid have planned to take off the series into two parts:

  • Part 1: We’ll categorize & compile the Microsoft suggested recommended actions in the secure score along with a step-by-step implementation guide.
  • Part – 2: This is different! We will provide a thorough list of security configurations missing from the secure score recommendations.

This way, we can support everyone – from those looking to increase their Secure Score to those who just wish to strengthen their Microsoft 365 security.

After all, A security configuration a day keeps the hacker away!

Day 1: Boost Secure Score by 12 Points with 3 Easy Configurations

Enhance your organization’s security with three easy Microsoft 365 configurations. Disable external calendar sharing, block third-party app registrations, and ensure only invited users bypass the Teams meeting lobby. These quick adjustments improve your Microsoft Secure Score by 12 points, providing stronger protection without needing extra licenses.

Day 2: Top 3 Settings to Increase Secure Score by 28 Points

With numerous recommendations available, it can be tricky to focus on the most impactful ones. This blog highlights the highest-scoring configurations that boost your Microsoft Secure Score by 28 points and secure your Microsoft 365 environment.

Day 3: Top 5 Microsoft Entra ID Secure Score Recommendations to Boost Your Security

Increase your Microsoft secure score as well as improve overall security by these top 5 Entra ID recommendations, especially for Entra ID P1 and P2 users. Right from configuring sign-in risk CA policies to blocking legacy authentication, insider risk protection, and much more with detailed implementation steps. Check out and enhance your organization’s security.

Day 4: 6 SharePoint Online Recommendations to Improve Secure Score

Enhance your organization’s security with 6 actionable recommendations for SharePoint Online. These tips focus on critical settings like managing guest access, enabling Microsoft Defender, and more. By following these steps, you can improve your Microsoft Secure Score by 16 points, ensuring better protection for your data and collaboration tools.

Day 5: 6 Essential Password Settings to Improve Secure Score & Security

Did you know that 81% of cyberattacks can be blocked with simple password configurations? By implementing essential password settings, you can greatly enhance your Microsoft 365 security and improve your Secure Score. Here are the top 6 password settings every M365 organization should consider.

Day 6: How to Improve Microsoft Identity Secure Score?

Microsoft secure score provides scores across various categories, such as apps, data, and devices. Among these, the secure score focuses specifically on recommendations related to an organization’s identity, which we call “Identity secure score recommendations”. To boost your identity secure score, check out this blog where we highlight three essential and easy-to-implement recommendations.

Day 7: Strengthen Exchange Online Security with Microsoft Secure Score Recommendations

As organizations heavily rely on email for professional communications, strengthening Exchange Online security is essential. This blog outlines key steps such as enabling Customer Lockbox, mailbox auditing, modern authentication, etc., to protect sensitive data and ensure compliance. Implement these Secure Score suggestions to significantly boost your security in email communications.

Day 8: Top Ways to Maximize Microsoft Secure Score for Devices

Devices are often the first target for attacks, making their security critical. Microsoft Secure Score is more than just a number—it’s a roadmap to stronger protection. This blog highlights key device-related Secure Score recommendations, explaining their significance and how to configure them. By implementing these steps, you’ll protect sensitive data, close security gaps, and strengthen your IT environment.

Day 9: Major Microsoft Teams Configurations to Boost Secure Score by 8 Points

As Teams becomes central to collaboration, securing meetings is crucial. This blog highlights essential configurations, such as limiting external presenters, restricting anonymous users, and controlling meeting access, to enhance your organization’s secure score by 8 points. Implement these changes to safeguard your Teams environment and ensure secure communication.

Day 10: 6 Microsoft Information Protection Recommendations to Improve Secure Score

Improve your organization’s data security with six simple Microsoft Information Protection (MIP) tips that can help you gain 15 points in your Microsoft Secure Score. This blog covers important settings like turning on data loss prevention and creating sensitivity labels for your data. By following these tips, you can better protect sensitive information and reduce the risk of data breaches in your Microsoft 365 environment.

Day 11: Secure Your Third-party Applications with Microsoft Secure Score Recommendations

Enhancing your organization’s security requires securing the third-party applications as well. Identify the supported third-party apps in MS secure score and implement the given recommendations to improve your secure score and overall security.

Day 12: Boost Microsoft Secure Score with Essential Email Filtering and Spam Protection

This blog explores key email filtering and spam protection strategies in Exchange Online to strengthen cybersecurity and Microsoft secure score. It provides detailed steps for configuring anti-spam policies, quarantining threats, and utilizing Zero-hour auto purge to protect against phishing, malware, and spam attacks.

We’ll update the list daily, so subscribe now to get the latest updates! 🔔

Reddit: reddit.com/r/AdminDroid/
LinkedIn: linkedin.com/company/admindroid
Twitter: twitter.com/admiindroid
Facebook: facebook.com/admindroid