In a previous blog post I explained the Microsoft Secure Score and how it indicates the level of security in your Office 365 tenant.
My initial score was only 70, which is pretty low. By implementing Self Service Password Reset and MFA for admin accounts, the Secure Score increased to 122. It could have been a couple of points higher with MFA enabled for all users, but not all users have licenses in Office 365.
I’m curious to see what improvements I can make in the Exchange Online part and how this will influence the Secure Score. Stay tuned 🙂
During Ignite 2018 in Orlando there was a lot of focus on security in Office 365 and Azure Active Directory. That makes sense: a cloud solution is accessible to everyone, not only your own internal users but also the bad guys who are out for your data, accounts or money. And not only are your user accounts at risk; your admin accounts are even more so, and if you lose your admin accounts, you are pretty much out of business.
It was shocking to hear that there are 6,000 compromised admin accounts each month, and only 4% of all admin accounts have MFA enabled. And the number of compromised admin accounts decreases by 99.9% with MFA enabled. Go figure!
Another issue that impacts security negatively is weak passwords. Everybody knows about brute force attacks, but have you ever heard of password spray attacks? Based on user lists and (default) weak passwords, all combinations of usernames and passwords are tried, without you as an admin even knowing what's going on.
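A defender-side sketch of how that pattern can be surfaced from sign-in logs. This is an added example, not from the original post; the record layout, the thresholds and the sample events are constructed assumptions, not an Azure AD export format.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def at_minute(minute):
    return datetime(2018, 10, 1, 9, 0) + timedelta(minutes=minute)

# Constructed sample sign-in records: (timestamp, source_ip, user, succeeded).
SAMPLE_EVENTS = (
    # Spray: one source, a single failed guess against each of many accounts.
    [(at_minute(i), "203.0.113.10", f"user{i:02d}@example.com", False) for i in range(12)]
    # Brute force: one source hammering one account (what account lockout is built for).
    + [(at_minute(i), "198.51.100.7", "alice@example.com", False) for i in range(12)]
    # Normal noise: a user mistypes a password, then signs in.
    + [(at_minute(3), "192.0.2.25", "bob@example.com", False),
       (at_minute(4), "192.0.2.25", "bob@example.com", True)]
)

def detect_password_spray(events, window=timedelta(minutes=30),
                          min_users=10, max_failures_per_user=2):
    """Return {source_ip: sorted targeted users} for spray-like failure patterns.

    A source is flagged when, inside one time window, it fails against at
    least `min_users` distinct accounts while staying at or below
    `max_failures_per_user` per account (few enough to stay under lockout).
    """
    failures = defaultdict(list)
    for ts, ip, user, ok in events:
        if not ok:
            failures[ip].append((ts, user))
    flagged = {}
    for ip, rows in failures.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Advance the window start until the span fits inside `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            per_user = defaultdict(int)
            for _, user in rows[start:end + 1]:
                per_user[user] += 1
            if (len(per_user) >= min_users
                    and max(per_user.values()) <= max_failures_per_user):
                flagged.setdefault(ip, set()).update(per_user)
    return {ip: sorted(users) for ip, users in flagged.items()}

if __name__ == "__main__":
    for ip, users in detect_password_spray(SAMPLE_EVENTS).items():
        print(f"possible password spray from {ip}: {len(users)} accounts")
```

The brute-force source in the sample is deliberately not flagged: per-account lockout counters already see it, whereas the spray source never exceeds one failure per account and only shows up when failures are grouped by source.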
The list of security issues is impressive: weak (legacy) authentication, no password changes, phishing attacks, spoofing, auto-forwarding, too many global admins, permissions and roles, unmanaged devices, etc.