Online attacks are becoming more sophisticated and prevalent as more businesses move their data and services over to cloud platforms such as Office 365. This in turn means that the standard, out-of-the-box security setup just doesn’t cut it any longer. In this post, I’m going to talk about increasing your Microsoft 365 security score, followed by security hardening for your Office 365 tenant.
What is Office 365 Security Score?
Your Office 365 service includes a security analytics tool called Microsoft Security Score. This points-based rating system for Office and Microsoft online services gives a snapshot of how secure your environment is. Looking at the scores, the Microsoft global average security score is a whopping 32 out of 500 points at the time of writing this article!
Why Use Security Score?
Security Score helps you understand the extent to which you have a robust security configuration. It also informs you about behaviours and best practices to have inside your Office 365 subscriptions. Comparing your company's security score against your industry's average is a clear way to see how secure your company is, and a prompt for actions that can be taken.
How do I increase the security score?
There are many ways to increase the overall security score, depending on the services your company is using. Fortunately, Microsoft has made a clear list of items that can be actioned in the Microsoft Secure Score portal. Each time a listed item is actioned, the points will increase. At IT Leaders we aim to set a baseline score between 200 and 300 for all our Office 365 customers.
Office 365 Security Hardening:
Now, let’s look at Office 365 security hardening. Security Hardening of an Office 365 tenant and its services requires a process of understanding what vulnerabilities are known and applying changes to the environment to secure these weaknesses.
The Office 365 environment is constantly changing, and staying on top of new vulnerabilities is crucial to the security of Office 365. At IT Leaders we stay on top of these ever-evolving vulnerabilities by applying a set of Security Hardening processes to our tenants by default.
It’s also a great idea to enable audit logging and set retention periods, which help in the unfortunate event of a breach. Hardening the security of our tenants also increases the Microsoft Security Score.
Here are 14 items that we apply to our customers' tenants to harden their security:
1. Enable multi-factor authentication for Microsoft 365
2. Enable self-service password reset for Microsoft 365
3. Set the baseline retention period for Office 365
4. Enable the Unified Audit Log for Office 365
5. Enable mailbox auditing on all users for Office 365
6. Change SPF record to hard fail for Exchange Mail
7. Use DKIM to validate outbound email sent from your domain
8. Raise the level of protection against malware for email
9. Protect against ransomware for Exchange Mail
10. Block auto-forwarding to external for Exchange Mail
11. Warn users of potential display name email spoofing
12. Disable POP and IMAP for all mailboxes for Exchange Mail
13. Configure expiration time for external sharing links on SharePoint
14. Set up versioning on SharePoint Online document libraries
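Item 6 can be checked from DNS alone. The following is an added example, not IT Leaders' own tooling: it classifies the terminal `all` policy of a domain's SPF TXT records and flags anything that is not a hard fail. The sample records and `*.example` domains are constructed for illustration; `spf.protection.outlook.com` is the include Microsoft documents for Exchange Online.

```python
# Added example: classify the "all" policy in a domain's SPF TXT records.
QUALIFIERS = {"+": "pass", "-": "hardfail", "~": "softfail", "?": "neutral"}

def spf_all_policy(txt_records):
    """Return the policy of the SPF 'all' mechanism for one domain.

    Results: hardfail, softfail, neutral, pass, redirect (policy delegated
    to another domain), missing-all, no-spf, or multiple-spf (more than one
    SPF record is a permanent error under RFC 7208).
    """
    spf = [r.strip() for r in txt_records
           if r.strip().lower() == "v=spf1"
           or r.strip().lower().startswith("v=spf1 ")]
    if not spf:
        return "no-spf"
    if len(spf) > 1:
        return "multiple-spf"
    redirect = False
    for term in spf[0].split()[1:]:
        t = term.lower()
        if t.startswith("redirect="):
            redirect = True  # only consulted when no "all" is present
            continue
        # A mechanism without an explicit qualifier defaults to "+" (pass).
        qualifier, mech = (t[0], t[1:]) if t[0] in QUALIFIERS else ("+", t)
        if mech == "all":
            return QUALIFIERS[qualifier]  # terms after "all" are ignored
    return "redirect" if redirect else "missing-all"

def needs_hardening(txt_records):
    """True unless the record itself ends in a hard fail (-all)."""
    return spf_all_policy(txt_records) != "hardfail"

SAMPLES = {  # constructed TXT record sets; domains are placeholders
    "hard.example": ["v=spf1 include:spf.protection.outlook.com -all"],
    "soft.example": ["MS=ms00000000",
                     "v=spf1 include:spf.protection.outlook.com ~all"],
    "open.example": ["v=spf1 a mx"],
    "dup.example": ["v=spf1 -all",
                    "v=spf1 include:spf.protection.outlook.com -all"],
}

if __name__ == "__main__":
    for domain, records in SAMPLES.items():
        print(domain, spf_all_policy(records),
              "needs change:", needs_hardening(records))
```

A `redirect` result means the effective policy lives in another domain's record, so that record has to be checked the same way.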
If you care about protecting your data and your security, consider allowing IT Leaders to increase your Microsoft Security Score. IT Leaders is a Microsoft Silver Partner and can assist with providing a complete licensing and management solution for your organisation. Don’t wait to implement our security hardening practices for Office and Microsoft 365. Your data is at risk!
David Lee – IT Specialist