Office 365 and Azure Security Audit & Setup Checkup

We’re in the process of digging in to the methodology for securing our Office 365 (O365) and Azure resources.

One of the things we are doing is building an on-boarding checklist for setting up O365 and Azure tenants as we sign them up.

The first place to start is the Microsoft Secure Score in the Office 365 Security & Compliance Console. After signing in with the admin account for the tenant we are greeted with a very wide range of security and compliance related tasks. It can actually be quite overwhelming at first!

Microsoft Office 365 Security & Compliance Dashboard

Note the Microsoft Secure Score in the middle column. It’s not looking too good for a newly set up tenant now is it?

We clicked on the link at the bottom to bring up the Microsoft Secure Score page.

Microsoft 365 Security: Microsoft Secure Score

At the bottom of this page we have the Improvement actions section with a Show More link under it. We clicked on that link and once the Microsoft Secure Score page came up clicked on the Rank column header to sort the most important things to do to the top of the list:

Microsoft Secure Score: Ranked Improvement Actions

Now that we’ve seen the list there are some items we deem more important to get to relative to their Rank score.

The first place to start is to make sure Multi Factor Authentication (MFA) is set up for _all_ accounts in the O365 and Azure especially the tenant’s administrator account(s).

What’s the moral of the story?

Get Secure. Get Secure Now!

One thought on “Office 365 and Azure Security Audit & Setup Checkup”

1 pingback

¹[…] often does someone have to go back into their O365 management portal (blog post) to check on anything else… - Microsoft and Partners: Just whose customers are they anyway? – MPECS Inc. Blog

Leave a comment Cancel reply

One thought on “Office 365 and Azure Security Audit & Setup Checkup”