Microsoft provides a system to increase the security of your Microsoft 365 account.
An article on Microsoft’s website describes Microsoft Secure Score as a measurement of an organization’s security posture. Many businesses are unaware that this tool even exists. However, Microsoft Secure Score is designed to help you take steps towards improving the security of your Microsoft 365 account. You can find that article from Microsoft here.
The scoring system is simple, from 0 to 100, with higher numbers being more secure. A dashboard provides an interface to quickly see your current score. You will also find recommendations for improving your score and a planning tool to help set goals for improvement. The tool allows you to accept certain risks, specifically if the recommended steps could inhibit productivity. Microsoft acknowledges that taking all recommended actions may not be feasible in your business.
Examples of ways to improve your Secure Score
There are many factors that impact your Secure Score. Some of these may be simple policies or settings that can be addressed within your Microsoft product suite. Third-party security solutions like email filtering and malware detection solutions may also address some of these issues.
For users of Microsoft 365, one key step to take is to enable multi-factor authentication on each account. There has been a rapid rise of Microsoft email account hi-jacking attacks recently. You are leaving yourself at risk when all it requires to access your Microsoft account is a username and password. Therefore, enabling MFA vastly improves your account security.
Multi-factor Authentication
Multi-factor Authentication (MFA) adds a powerful layer of security for controlling access to your Microsoft account. It requires the user to prove to the system that they are who they claim to be. For instance, you may have the system send a text containing a unique numeric code or you may use a code generated by an authenticator app. If you use the Microsoft Authenticator app, you will simply be sent a message that asks if you are attempting to access your Microsoft account. In this case, all you need to do is confirm that you are indeed logging into the account through the authenticator app.
Some users are reluctant to have this extra layer of security in place. However, Microsft states that it will eliminate 99.9% of Microsoft 365 account hi-jacks. Many businesses have suffered huge losses from crimes involving hi-jacked email accounts, so adding this extra layer of protection to the account is a wise choice.
Some businesses have had payments redirected or fraudulent money transfers occur. While other businesses have experienced damaged reputations from a hacker communicating with their clients via a hacked email account. With either scenario being damaging to your business, enabling MFA is a step worth taking.
MFA is not as painful as you may think.
Generally speaking, most users will only have to provide the second form of identity proof occasionally. In most cases, once the system recognizes the computer or phone they are using to access their accounts, it will not need the second piece of information to log into the account. The user will only be required to confirm their identity via MFA periodically after that when using a device that is recognized.
Multi-factor authentication is a key step in improving your Microsoft Secure score, but there are many others. Many of these steps are highly technical, so it is a good idea to get the help of an IT expert. If you would like assistance improving your Microsoft Secure Score or any other Microsoft 365 needs, contact me today to schedule a meeting.