One major reason cloud-based file storage systems are so popular among enterprises is that they free IT teams from having to store, manage, and protect that data on their own internal servers. Unfortunately, that same benefit can translate into a considerable downside as responsibility for hosting this data goes to cloud providers—as does control over how it’s secured.
This concern about data exposure and vulnerability to security breaches has prompted popular cloud storage platform Microsoft 365 to set itself apart in terms of its dedication to security, using a physical, logical, and data layer of security to safeguard the environments it hosts. But while Microsoft is clearly dedicated to safeguarding data on the back end, there’s no preventing a security leak if your password happens to be “1234.” That’s why Microsoft also offers the Office 365 Secure Score, an analytics tool that makes it easy for users to optimize their security configuration.
So what is Office 365 Secure Score, and how can you use it to improve the security of your company’s digital assets? Here are a few pointers on what this tool does, how it works, and what you can do to mitigate the risk of cybercrime and improve your score.
Microsoft Secure Score essentially functions as your own personal security analyst. This Office 365 security risk assessment uses cutting-edge algorithms to find vulnerabilities in your system then recommend best practices to follow and configurations to change in order to protect those vulnerabilities. It does this by looking at the Microsoft services you’re using, examining your settings and recent activity, and running them against cybersecurity standards set by Microsoft.
Some recommendations are more critical than others to protect against Office 365 security risks, so the algorithm determines the value of each best practice according to its level of importance. The more important the recommendations you follow, the higher your score will be. For example, putting two-factor verification in place will do more for your security than remediating vulnerabilities in your container security configurations, so following the former recommendation will add more points to your overall Office 365 Security Scorecard.
Microsoft Secure Score also shows you all the risks to which your current security posture has left you vulnerable, such as an account breach, data spillage from an authorized user to an unauthorized one, or even a malicious insider.
As long as you have a subscription that includes Microsoft 365 Business, Office 365 Business Premium, or Microsoft Enterprise, all you need to do before using Microsoft Secure Score is sign in from an account that has administrative privileges at the Office 365 Secure Score site. You can also access Security Score as a widget through the Microsoft Security and Compliance Center.
The service will analyze all your current configurations and activity for the apps you’ve purchased and give you your first score. After that, a new Secure Score is generated for you automatically each day.
With each day’s score comes a list of high-priority action items that you can finish that day in order to bring your score up. Clicking on each action item will bring up a short explanation of why it’s needed and what steps you need to take to complete it. The service even sets out the impact of any recommendations, clearly showing you how much your score will rise once you’ve completed all the action items in your queue, as well as their expected impact on productivity.
The highest possible score you can achieve using this tool is 452, but it’s reasonable to set a lower standard that won’t have too big an impact on users. The goal isn’t necessarily to reach the highest possible score, but to achieve a “balanced” score that demonstrates a strong security posture without cutting into productivity. The algorithm’s definition of a “balanced” score is anywhere between 254 and 372, which should be enough to protect you against typical Office 365 security risks.
You can compare your own score with the averages of other Microsoft 365 users on the Summary page. You can also look at the Score Analyzer to see how your score has improved over time, and what actions you took on what days.
While the recommendations you receive will depend on the security needs of the enterprise and the services to which you’ve subscribed, there are a number of steps that the vast majority of businesses can take to help improve their score and safeguard their data from Office 365 security risks. These steps include:
Office 365 Secure Score is a handy way of understanding cybersecurity and protecting cloud assets that are otherwise out of your enterprise’s control. Of course, following its recommendations alone won’t sufficiently secure all your assets—it takes a robust set of protections against ransomware, phishing threats, malware, and other dangers to gain real peace of mind in today’s security environment. But Secure Score takes the unbelievably complex world of security and renders it easily navigable for its users, making this a great first step that any Microsoft user can take to really start protecting themselves from malicious parties.