Why do we need Office 365 Secure Score?
As an Office 365 administrator, we put more efforts on securing our Office 365 tenant, but we don’t have a clear idea about how much we have progressed and what do we need to do more to improve the security further. This is where the Office 365 Secure Score comes in. Office 365 provides a score based on your tenant’s security settings and practices. Also, it provides the list of the areas which can improve your tenant’s security and Secure Score.
How does the Office 365 Secure Score work?
- Microsoft has compiled a list of features (known as controls) you should enable/disable to increase your Secure Score. For example, turning on MFA (Multi-factor Authentication) for users, and Configuring DLP (Data Loss Prevention) policies.
- Microsoft has defined the priority for each control based on the impact of the settings and the maximum score is assigned for the controls with high priority. So, you should consider implementing the high priority settings rather than low priority settings to boost your security and score.
- The Secure Score for your tenant is calculated by adding the score of each enabled setting.
How can we use the Secure Score?
- Secure Score provides insights on your current security settings at the same time provides guidance to increase your security level.
- The Secure Score also helps you to prioritize the action you need to take care of. The higher the score is the higher priority you need to consider implementing.
- Secure Score greatly helps you on a security assessment by evaluating current security and compliance settings.
- It’s very difficult to get the full score for your tenant as few of the settings will not be valid for your case. So, Microsoft provides the average score and industry average score based on your industry type.
- Average Score: The average score is calculated by considering every Office 365 tenants score.
- Industry Average: It is calculated based on the tenants with your similar industry. Microsoft provides the option to specify your industry type to make use of this industry average score.
- Both Average Score and Industry Average score will help you to set your target score and modify the settings accordingly.
- Once you established your target score, you can regularly monitor your score for any changes. For example, if a newly added user account doesn’t configure for MFA, then your MFA score will be dropped. If more users are configured without MFA, then your MFA score will drop to zero.
To access the Office 365 Secure Score, you need to have the permission as outlined in the Microsoft documentation.
Why is the Office 365 Secure Score not as popular as it should?
Microsoft has done everything perfectly to guide the Office 365 Administrators to increase their Office 365 tenant security, but this powerful tool has not reached many hands due to the inaccessibility.
Never wonder why ‘Secure Score Login’ is in the top search term in search engine regarding ‘Secure Score’.
The perfect place for the Office 365 Secure Score portal should be the ‘Office 365 Security & Compliance Center’. But Microsoft decided to give some exercise for your fingers by providing Secure Score in a new portal under ‘securescore.office.com’.
Jumping between portals – It’s not new for Office 365 admins because we are accustomed to it!
Thanks to Microsoft for adding the Secure Score widget in the home page of Security and Compliance Center lately. People have started getting to know more about it now, but they are yet to unlock the full potential of the Secure Score due to a few caveats.
Few caveats on Secure Score:
- Regularly monitoring the Secure Score is essential. If there is any drop in the score, then the admin needs to investigate and gain back the score. But there is no scheduling option for Secure Score metrics to keep an eye on the score.
- Too much of anything is good for nothing. If your day to day task is to monitor a particular control setting, say for example the TLS connections, then too much of Secure Score controls will make it difficult to navigate to particular settings regularly. Even if you export or download the score metrics, you need to deal with numerous control settings.
- Office 365 Secure Score metrics are preserved only for the past 90 days. Due to the less retention duration, it’s not possible to maintain the history of the score trend for investigation.
- Above all, a decoupled portal makes it harder for Office 365 Secure Score to reach a wider audience.
Making Office 365 Secure Score More Accessible and Powerful
On top of what Microsoft offers, AdminDroid Office 365 reporting tool provides more customization and easy accessibility which can help Office 365 administrators and security experts to utilize the power of Office 365 Secure Score with full potential.
Find your Strongest and Weakest Security Areas: Easily find your strongest and weakest security areas by checking the ‘Full Score’ and ‘Zero Score’ reports.
Schedule / Export Secure Score Reports: Secure Score reports can be customized, filtered, exported and scheduled as per your requirement. The reports can be exported to CSV, Excel, PDF, or HTML.
Longer Retention: AdminDroid gathers Secure Score data and preserves it in a local database for an indefinite period. Longer retention ensures having access to your old data as long as you need.
Categorized Reports: For easier access, Secure Score reports are categorized into MFA Score, MDM Score, Intune Score, Azure AD Score, Exchange Score, SharePoint Score, etc.
Settings based Reports: For each control settings, separate reports are created with the necessary information like Maximum score, Obtained score, Recommended settings, and the Current settings of your tenant.
Score Trend: As each report denotes a single action/area. It’s easy to find the score changes and take necessary actions.
No Need to Jump Between Portals: We have added 60+ reports on Office 365 Secure Score right in the main portal of AdminDroid Office 365 Reporter. It ensures all your reporting and monitoring can be done using a single portal.
Quick Access: Any reports can be accessed instantly by typing a few keywords using our AI-based search console. To access the AI-based search console, just press Ctrl+Shift+F anywhere from the AdminDroid portal.