How to Use Microsoft Secure Score to Protect Your Office 365 Accounts from a Breach

One of the biggest targets of hackers when it comes to credential theft is also the most used cloud platform in the world. Office 365 is being targeted more frequently every year by criminals looking to access sensitive company information as well as user email accounts.

In March of 2020, the FBI sent out a Private Industry Notification warning organizations that cyber criminals were increasingly exploiting cloud-based email services, such as Office 365 and G Suite.

The attacks on cloud platforms can often get past on-premises cybersecurity tools that businesses in Charlotte, Durham and the rest of the country use. And while most cloud services offer security settings for account protection, those settings often have to be manually turned on or configured.

There are over 300 million fraudulent sign-in attempts on Microsoft cloud services every day.

One of the tools that Microsoft provides to help you secure your Office 365 accounts is Microsoft Secure Score. This is an extremely useful tool that gives you insight into your current security posture and makes suggestions on how you can improve it.

How Does Microsoft Secure Score Work?

The Secure Score application is essentially a report card on the security of your company's Office 365 account. It displays a score that is based on:

  • The number of security safeguards you have in place
  • The number of security safeguards that aren’t in place
  • The total number of security safeguards available

For each action that can be taken to protect your Office 365 accounts from being compromised, a point score is given.

For example, if you implement multi-factor authentication (MFA) for your users, you can earn 30 points. 

But if you only implement MFA for 50% of your users, then you’ll receive approximately half the points.

The goal is to tell you how well protected your Office 365 platform is and guide you towards ways to improve your security score.


How to Access Secure Score

You can access Microsoft Secure Score through the Office 365 Security and Compliance Center. It can also be accessed through the Microsoft Graph API.

For read/write access to Secure Score, you need to have one of the following roles in Azure Active Directory:

  • Global administrator
  • Security administrator
  • Exchange administrator
  • SharePoint administrator

How to Use Microsoft Secure Score

When you open the Secure Score panel, you’ll see your overall score as compared to how many points you could get if you took every suggested security action. 

For example, if implementing all security recommendations would earn a total of 500 points and you’ve taken action on items worth 275 points, you’ll see a score of 275/500.

You’ll see a list of recommendations that allow you to increase your point score. These recommendations can be related to:

  • Settings (i.e. turning on a security setting); or
  • Reviewing reports (reviewing a specific report regularly)

Examples of Secure Score recommendations that you might see are:

  • Review mailbox forwarding rules weekly
  • Designate less than 5 global admins
  • Implement multi-factor authentication for all accounts
  • Enable self-service password reset
  • Activate Information Rights Management (IRM)

Each recommendation is meant to add additional security to your Office 365 accounts and protect the data stored within the platform.

Options for Actions to Take

On each recommendation, you’ll be given a choice of actions to take. When you select one of the actions, you’ll see a fly out that guides you through the process.

Options include:

  • View settings: This takes you to the appropriate configuration screen to make the recommended setting change.
  • Resolve through third party: If you’ve already taken the recommended security action, but through third-party software, clicking this lets Secure Score know so it will grant you the points.
  • Ignore: If you’ve reviewed the recommendation but decide that it’s not necessary to implement, you can choose to ignore it. This will deduct the points of that action from the total achievable points. You can undo this in history view.
  • Review: If the recommendation is related to reviewing a specific security-related report on a regular basis, then clicking “review” will take you to that report.

Once you’ve taken a recommended action, it can take up to 24 hours for those points to be added to your score.
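The scoring rules described above (partial credit for partial rollout, full points for an action resolved through a third party, ignored items leaving the achievable total) can be modeled in a few lines of Python. This is an added example, not code from this article or from Microsoft; the data is constructed, shaped like the Microsoft Graph secureScore and secureScoreControlProfile resources, and the control ids, titles and point values are assumptions.

```python
import json

# Constructed sample payloads, not real tenant data. Field names follow the
# Microsoft Graph secureScore / secureScoreControlProfile resources; the
# control ids and point values are invented for illustration.
SCORE = json.loads("""{"controlScores": [
  {"controlName": "ExMfaAllUsers", "score": 15.0},
  {"controlName": "ExFewGlobalAdmins", "score": 20.0},
  {"controlName": "ExSelfServiceReset", "score": 0.0},
  {"controlName": "ExEnableIRM", "score": 0.0},
  {"controlName": "ExForwardingReview", "score": 0.0}]}""")
PROFILES = json.loads("""{"value": [
  {"id": "ExMfaAllUsers", "title": "MFA for all accounts", "maxScore": 30.0},
  {"id": "ExFewGlobalAdmins", "title": "Fewer than 5 global admins", "maxScore": 20.0},
  {"id": "ExSelfServiceReset", "title": "Self-service password reset", "maxScore": 10.0},
  {"id": "ExEnableIRM", "title": "Activate IRM", "maxScore": 10.0,
   "controlStateUpdates": [{"state": "ThirdParty", "updatedDateTime": "2020-05-01T09:00:00Z"}]},
  {"id": "ExForwardingReview", "title": "Review forwarding rules", "maxScore": 10.0,
   "controlStateUpdates": [{"state": "Ignored", "updatedDateTime": "2020-05-02T09:00:00Z"}]}]}""")

def latest_state(profile):
    """Most recent admin decision on a control, lowercased ('default' if none)."""
    updates = profile.get("controlStateUpdates") or []
    newest = max(updates, key=lambda u: u.get("updatedDateTime", ""), default={})
    return newest.get("state", "Default").lower()

def summarize(score, profiles):
    """Return (earned, achievable, gaps) under the rules the article describes."""
    earned_by_id = {c["controlName"]: c["score"] for c in score["controlScores"]}
    earned = achievable = 0.0
    gaps = []
    for p in profiles["value"]:
        state = latest_state(p)
        if state == "ignored":       # ignored: points leave the achievable total
            continue
        got = earned_by_id.get(p["id"], 0.0)
        if state == "thirdparty":    # resolved through third party: full points
            got = p["maxScore"]
        earned += got
        achievable += p["maxScore"]
        if got < p["maxScore"]:
            gaps.append((p["title"], p["maxScore"] - got))
    return earned, achievable, sorted(gaps, key=lambda g: -g[1])

if __name__ == "__main__":
    earned, achievable, gaps = summarize(SCORE, PROFILES)
    print(f"Secure Score: {earned:g}/{achievable:g}")
    for title, gain in gaps:
        print(f"  +{gain:g}  {title}")
```

Sorting the remaining gaps by points shows which open recommendation would raise the score most; here the half-deployed MFA control comes first.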

History View

Another helpful part of the Secure Score tool is the “history” tab. This view allows you to see a timeline of all the actions that you’ve taken in Secure Score. This can be extremely helpful if users are experiencing an issue with access to a specific area of Office 365. 

For example, you could check the history timeline and potentially learn that certain access restrictions had been put in place during a Secure Score review to explain the issue.

History also allows you to undo any past actions, including if you ignored a recommendation or if something was designated as being handled by third-party software that you’re no longer using.

Improve Your Cloud Security with Help from RCOR

Cloud platform security is just as important as on-premises IT safeguards. We can help you ensure your cloud solutions are properly configured to give you the protection you need, where you need it.

Contact us today to schedule an IT security consultation. Call 919-263-5570 or contact us online.