Office 365 and Azure Security Audit & Setup Checkup

We’re in the process of digging in to the methodology for securing our Office 365 (O365) and Azure resources.

One of the things we are doing is building an on-boarding checklist for setting up O365 and Azure tenants as we sign them up.

The first place to start is the Microsoft Secure Score in the Office 365 Security & Compliance Console. After signing in with the admin account for the tenant we are greeted with a very wide range of security and compliance related tasks. It can actually be quite overwhelming at first!

image

Microsoft Office 365 Security & Compliance Dashboard

Note the Microsoft Secure Score in the middle column. It’s not looking too good for a newly set up tenant now is it?

We clicked on the link at the bottom to bring up the Microsoft Secure Score page.

image

Microsoft 365 Security: Microsoft Secure Score

At the bottom of this page we have the Improvement actions section with a Show More link under it. We clicked on that link and once the Microsoft Secure Score page came up clicked on the Rank column header to sort the most important things to do to the top of the list:

image

Microsoft Secure Score: Ranked Improvement Actions

Now that we’ve seen the list there are some items we deem more important to get to relative to their Rank score.

The first place to start is to make sure Multi Factor Authentication (MFA) is set up for _all_ accounts in the O365 and Azure especially the tenant’s administrator account(s).

What’s the moral of the story?

Get Secure. Get Secure Now!

Further reading:

Thanks for reading! 🙂

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
www.s2d.rocks !
Our Web Site
Our Cloud Service

Leave a comment

Your email address will not be published. Required fields are marked *

One thought on “Office 365 and Azure Security Audit & Setup Checkup”