Moving to the cloud has a lot of benefits, but there are also a lot of concerns, particularly in the security field. Luckily, there is a new tool from Microsoft that gives you a security score on your particular account and provides recommendations on how to improve it.
Considering that the average security score for Office 365 is 17 out of around 500, that’s pretty scary. I don’t know what their grading scale is, but to me, that’s not good. Luckily this tool offers suggestions on what to improve so you can get your account more secure. No one wants their emails and data falling into the wrong hands, especially hackers.
What Is Secure Score?
Secure Score is a security analytics tool that will help you understand what you have done to reduce the risk to your data in Office 365, and show you what you can do to further reduce that risk. We think of it as a credit score for security. Secure Score figures out what Office 365 services you are using, then looks at your configuration and behaviors and compares it to a baseline asserted by Microsoft. If your configuration and behaviors are in line with best practices, you will get points, which you can track over time. More importantly, you will be able to quick determine what things you can do to reduce their risk. The tool is free and there is nothing to download or integrate. Just simply log into your Microsoft account.
How Can I Make My Office 365 Account More Secure?
The Secure Score tool offers many different suggestions and categorizes it nicely for you. One of the big ways to make it more secure is enabling MFA for all users, especially administrators. MFA, or Multi-Factor Authentication, basically requires you to sign in with a different security code each time you want to access the Microsoft Online Portal. There are different ways to set this up, but a common scenario is to receive a text message with a verification code anytime you try to login. That way if someone happened to gain access to your password, they won’t be able to login, unless they happened to steal your cell phone as well. If you’re the type who is glued to your cell phone, this method can add a lot of extra security, without being too annoying. However, if you left your cell phone at home and you set up text messaging as your verification method, good luck trying to get some productive work done…
If you’re old school and you don’t have text messaging, there are also options to have the verification code sent by calling your office phone or cell phone. Otherwise you can set up an Azure Authenticator App as an option as well.
Disclaimer: The Secure Score does not express an absolute measure of how likely you are to get breached. It expresses the extent to which you have adopted controls which can offset the risk of being breached. No service can guarantee that you will not be breached, and the Secure Score should not be interpreted as a guarantee in any way