The Office 365 Secure Score is a security analytics tool that will help you understand what you have done to reduce the risk to your data in Office 365, and show you what you can do to further reduce that risk.
The core idea is that it is useful to rationalize and contextualize all of your cloud security configuration and behavioral options into one simple, analytical framework, and to make it very easy for you to take incremental action to improve your score over time. Rather than constructing a model with findings slotted into critical, moderate, or low severity, we wanted to give you a non-reactive way to evaluate your risk and make incremental changes over time that add up to a very effective risk mitigation plan.
The Secure Score does not express an absolute measure of how likely you are to get breached. It expresses the extent to which you have adopted controls which can offset the risk of being breached.
No service can guarantee that you will not be breached, and the Secure Score should not be interpreted as a guarantee in any way.
Your Secure Score Summary
The Score Summary panel gives you your current Secure Score, and the total number of points that are available to you, given your subscription level, the date that your score was measured, as well as a simple pie chart of your score.
The score is calculated once per day. If you make a change to a measured action, the score will automatically update the next day. It takes up to 48 hours for a change to be reflected in your score.
Risk Assessment
While the Secure Score is framed as a ‘gamification’ of your security, it is important to recognize that every action you take will mitigate a real-world threat. This panel shows you the top threats for your tenancy, given your particular configuration and behaviors. Make sure you read about and understand the risks you are mitigating every time you take an action.
The Office 365 Average Secure Score is calculated from every Office 365 customer’s Secure Score. You can use this panel to get a better sense of how your score stacks up against the average. The specific controls that are passed by any given customer are not exposed in the average, and your Secure Score is private.
Take Action
Helping you figure out which actions to take to improve your score is the purpose of the Secure Score. There are three basic parts to the experience:
First, there is the modeler. Use the slider to figure out how many actions you want to review.
Second is the action pane. When you open this, you will see a description of the control, explaining why we think it is an effective mitigation, and what we observed about your configuration.
Thirdly, you will see a remediation pane fly-out that explains exactly what you are about to change, and how it will affect your users. Eventually, the Launch Now link (which takes you to a separate security center now) will allow you to make the desired change right from the Secure Score experience.
Score Analyzer
We wanted to make it easy for admins to analyze and report to their executives and stakeholders their progress on risk mitigation over time. The Score Analyzer experience allows you to review a line graph of your score over time, to export the audit of your control measurements for the selected day to either a PDF or a CSV, and to review what controls you have earned points for, and which ones you could take action on.
Resources -
Introducing the Office 365 Secure Score
-
Video: An introduction to Office 365 Secure score
Threat Intelligence (Preview)
Availability: first quarter of 2017. Included as part of the Office 365 Enterprise E5 plan and the new Secure Productive Enterprise E5 offering.
Organizations are being targeted with increasingly sophisticated attacks. Threat Intelligence will help you proactively uncover and protect against advanced threats by analyzing billions of data signals across Office consumer and commercial services. Threat Intelligence also provides deep insights from cyber threat hunters to create a comprehensive view of malware trends around the world. In addition, we’re integrating signals from Windows and Azure to help customers realize the full benefit of the Microsoft Cloud.
Security admins will see a dashboard with rich insights to do deep investigation of malware and will be able to integrate data with existing security management tools.
Threat Intelligence takes it a step further by alerting security admins and proactively creating and suggesting security policies to help protect you against malware. For example, if analytics show that attacks are happening in the financial industry, the service will alert customers in finance and related areas to the trend. Threat Intelligence will also dynamically create and suggest additional security policies to help protect you before they get to your network.
Share with your friends: |