Improve your security posture

The Secure Score tool determines the current state of an organization’s security posture and identifies the risks within the organization. The organization begins by running the tool and receiving this information. Its next step is to analyze the findings and plan how to improve its condition. During this planning process, it should consider:

  • the potential for risk.
  • the difficulty of implementing proposed solutions.
  • the time frames for implementation.
  • the effect on its rating based on each Microsoft 365 Secure Score action.

Based on a combination of these factors, the organization should rank its goals in order of priority. Doing so will result in a roadmap to a safer, more secure environment.

Important

Planning and implementation should involve all the key stakeholders in an organization. These roles include the Chief Information Security Officer (CISO), the IT security manager, and the administrators who manage Active Directory, Exchange, networking, and so on.

Design your security upgrade plan

Every organization is going to have different success criteria:

  • Some organizations want to achieve the maximum target score.
  • Others are satisfied to be somewhere in the middle.
  • Some organizations may prefer to address just their top five items.
  • Others only focus on the items that require the least amount of effort.

As you can see, there's no "one size fits all" approach. Every organization must determine where it wants to be and what it's willing to do to get there.

That being said, there are some common approaches that many companies start with when designing their security upgrade plan. For example, unless the tenant is in a high-risk industry such as finance or government, a common approach is to begin by implementing actions that have the lowest effect on user productivity while providing immediate gains. Examples of these actions include:

  • Enabling multi-factor authentication on all admin accounts.
  • Assigning the Global admin role to more than one user.
  • Enabling auditing across workloads.
  • Enabling mailbox auditing.
  • Having a weekly review of user sign-in attempts after multiple failures.
  • Having a weekly review of user sign-in attempts from unknown sources.
  • Having a weekly review of user sign-in attempts from multiple geographies.
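To make the three weekly sign-in reviews in that list concrete, here is an added example (not code from the module or from Microsoft) that applies those checks to a batch of sign-in records. The records, the allow-list of known egress addresses and the failure threshold are constructed assumptions for illustration.

```python
from collections import defaultdict

# Constructed sample sign-in records (hypothetical, not tenant data).
# Fields: user, success flag, source IP and the country the IP resolved to.
SIGN_INS = [
    {"user": "alice@example.com", "success": False, "ip": "203.0.113.5", "country": "US"},
    {"user": "alice@example.com", "success": False, "ip": "203.0.113.5", "country": "US"},
    {"user": "alice@example.com", "success": False, "ip": "203.0.113.5", "country": "US"},
    {"user": "bob@example.com", "success": True, "ip": "203.0.113.7", "country": "DE"},
    {"user": "bob@example.com", "success": True, "ip": "198.51.100.9", "country": "BR"},
    {"user": "carol@example.com", "success": True, "ip": "192.0.2.44", "country": "US"},
    {"user": "dave@example.com", "success": False, "ip": "203.0.113.5", "country": "US"},
]

# Assumed allow-list of the organization's known egress addresses; any other
# source IP is treated as an "unknown source" for the review.
KNOWN_EGRESS_IPS = {"203.0.113.5", "203.0.113.7", "198.51.100.9"}


def review_sign_ins(records, known_ips=KNOWN_EGRESS_IPS, failure_threshold=3):
    """Apply the three weekly review checks to a batch of sign-in records.

    Returns a dict of sorted user lists, one per check:
      - multiple_failures: users with >= failure_threshold failed sign-ins
      - unknown_sources: users with any sign-in from an IP not in known_ips
      - multiple_geographies: users seen signing in from more than one country
    """
    failures = defaultdict(int)
    countries = defaultdict(set)
    unknown = set()
    for r in records:
        user = r["user"]
        if not r["success"]:
            failures[user] += 1
        countries[user].add(r["country"])
        if r["ip"] not in known_ips:
            unknown.add(user)
    return {
        "multiple_failures": sorted(u for u, n in failures.items() if n >= failure_threshold),
        "unknown_sources": sorted(unknown),
        "multiple_geographies": sorted(u for u, c in countries.items() if len(c) > 1),
    }


if __name__ == "__main__":
    for check, users in review_sign_ins(SIGN_INS).items():
        print(f"{check}: {', '.join(users) or 'none'}")
```

In practice the records would come from the tenant's sign-in log export and the allow-list from the network team; the checks themselves stay the same.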

Priorities will differ from one organization to another. For example, organizations in the finance and healthcare sectors that are subject to industry regulations may decide on a more aggressive timeline. As such, they may implement solutions such as Data Loss Prevention and Information Rights Management. These solutions have a greater effect on users and take longer to implement.

Tip

It's recommended that you assign a sponsor to help set up meetings, remove roadblocks, and ensure teams stay on schedule.

Finally, using the Secure Score tool to identify potential risks and create a roadmap to mitigate those risks shouldn't be a one-time project. Changes will likely occur over time that affect your state of security. These scenarios can include the addition of new administrators and users, new regulations, and new services and features across Microsoft 365. Running Secure Score periodically, every six months or so, provides the insight needed to mitigate any risks associated with those changes.