Beating enforced home working due to Covid-19 using Microsoft Security Management.

Unless you have been living under a rock for the past couple of months, Covid-19 has forced organisations to promote home-working. The issue with this is that most organisations today, are just not prepared for home-working. So in this post I will look at the quick wins which can be implemented using Microsoft Security Management tools to first of all identify and protect against potential threats to your Cloud platform. So Microsoft Security Management is just a name for a number of its products and features, as today I am going to go through what can be used to improve your environment.

Microsoft Secure Score

Microsoft Secure Score is a measurement of an organization’s security posture, with a higher number indicating more improvement actions taken. Following the Security Score recommendations can protect your organization from threats. From a centralized dashboard in the Microsoft 365 security center, organizations can monitor and work on the security of their Microsoft 365 identities, data, apps, devices, and infrastructure.

Secure Score helps organizations:

  • Report on the current state of the organization’s security posture.
  • Improve their security posture by providing discoverability, visibility, guidance, and control.
  • Compare with benchmarks and establish key performance indicators (KPIs).

Organizations gain access to robust visualizations of metrics and trends, integration with other Microsoft products, score comparison with similar organizations, and much more. The score can also reflect when third-party solutions have addressed recommended actions.

Browsing to https://securescore.office.com will allow you to direct access your Microsoft Secure Score and see what recommendations have been made.

Check out what’s coming to Microsoft Secure Score. https://docs.microsoft.com/en-us/microsoft-365/security/mtp/microsoft-secure-score-whats-coming?view=o365-worldwide

Audit Logging

Turning on auditing within your Office 365 tenancy is possibly one of the quickest things you can do today. By enabling Audit Logging user and admin activity from your organization is recorded in the audit log and retained for 90 days.

In order to switch on Audit Logging using your tenancy you will need to visit the following URL https://protection.office.com/homepage then go to Search –> Audit Log search

Then simply press Turn on auditing

Microsoft will now prepare Office 365 audit log and this may take up to a couple of hours to complete.

  1. Connect to Exchange Online PowerShell
  2. Run the following PowerShell command to turn on audit log search in Office 365. PowerShell

1
Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true

Office 365 Increased Security

Without reinventing the wheel, I suggest organizations look at the following URL to see where they can make improvement to this Office 365 security. https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security?view=o365-worldwide

Reports!!!

It is important that you review you Reports Dashboard to help identify any potential issues within your environment. Visit the URL below to start you investigations

https://protection.office.com/insightdashboard

Regards,
The Author – Blogabout.Cloud

Leave a Reply

Your email address will not be published. Required fields are marked *