SECURITY CHECK-IT: STEP 13

Secure Score

If your IT department or partner has moved your company’s workload to Microsoft Office 365, that’s good news! It makes everything function well, e-mails are exchanged online, files are shared on one Drive & Sharepoint, meetings and presentations take place in Microsoft Teams, … And the employees are satisfied because they can work remotely without the hassle of VPN.

But, there is a but… At the world’s biggest hack convention, Black Hat 2020 in August, there were several sessions on Office 365. The reason for this is that the huge amount of data stored in the cloud is proving to be a tempting target for some of the world’s most advanced hacking operations, according to cyber security researchers at FireEye Mandiant.

Office 365 – and more specifically Azure AD – is also a gateway for an organisation to access other applications as a single sign-on platform. The solution is to implement a multiple step plan and closely monitor adoption and compliance through a single pane of glass. This is not an easy task. Fortunately, Microsoft offers a helping hand.

Microsoft Secure Score, at its basic form, is a free portal included in Office 365. The portal is a measurement of your security posture that adapts dynamically. When your organisation adopts the Microsoft ATP products, this portal comes into its full advantage. It collects information about the Azure AD identity, data, apps and devices.

This helps your IT department or -partner to know where your company stands in terms of security and what the ideal situation is. To help us get there, Secure Score produces improvement recommendations. These recommendations should be evaluated with the business and implemented with caution. The main points of attention are collected in the Security Defaults and are minimum security requirements that every company should implement as soon as possible:

  • Ensure that all users set up multi-factor authentication for secure access
  • Require MFA for administrative functions
  • Enable policies to block legacy authentication

Without these, we are basically sitting duck to attacks from groups such as the Iranian APT35, which are scanning the cloud in a fully automated way for easy ways to get in.

The more complex steps are around hardening the endpoint and server OS, implementing Data Leak Prevention policies, Cloud app security and much more. Implementing these steps is best left to Microsoft Security specialists.

As is always the case with security, the Microsoft Secure Score is a constantly evolving game between bad guys and good guys. Every month we see new threats and new solutions emerge. The only way to stay on top of the security game is by regularly following the security recommendations. A partner like Tyneso can do this efficiently because we can script and roll out the remediations over a number of tenants, which saves our clients a lot of effort and minimises the time between detection and resolution of a security risk.

Do you have any questions or would you like to know your company’s Secure Code? We will gladly help you! Send an email to [email protected] and we will contact you as soon as possible.