Quelle est votre note de sécurité Office 365?

Quelle est votre note de sécurité Office 365?

You may not know about the Microsoft Office 365 secure score, it is a note Microsoft gives you depending on how your tenant is configured. It is part of the Security & Compliance center (https://protection.office.com)

Office 365 secure score

What is surprising is that the average score is extremely low… So, have you checked your score yet?

Should I be worried?

Well it depends, in any case it is good to be aware if you have a low score.

First of all you should definitively set up the features that gives you the most points, like the option to enforce multi factor authorization for admin accounts and enabling mailbox auditing. The Exchange audit is not enabled by default. Have a look at this article to set it up.

Make sure you regularly have a look at the Azure Active Directory audit reports, especially the Risky sign-ins one, we also recommend checking the Failed login attempts report. To be sure you don’t forget to check these you can setup a reminder in Outlook. These checks will give you some additional points.

Azure AD failure sign-in report

Azure AD failure sign-in report

Score Tip

Your score may not take into account the review of some reports if you access them directly. If you want the related points to be taken into account, consult them directly from the Secure Score page, by clicking « Learn more » then « Review » for each review report recommendation.

Security in Office 365

Office 365 automatically includes many security features like the Smart Lockout, but there are some other tools that need to be configured and monitored manually, and you cannot just assume that everything will be automatically handled.

Office 365 security reports dashboard

Office 365 security reports dashboard

The Security Center is very powerful and Microsoft is adding new tools like the Office 365 Attack Simulator, and you should definitively have a look at it.


The secure score is a good way to have an idea of where you are. But do not focus too much on what score you obtain, instead make sure your company has clear Office 365 security policies defined.

Do you want us to check your Office 365 security? Do not hesitate to contact us.

    En cochant cette case, je reconnais avoir pris connaissance et accepte les conditions décrites en bas de page
    Les données personnelles que vous fournissez en remplissant ce formulaire seront traitées par IXIT APLICACIONES INFORMATICAS SL en tant que responsable de ce site web. Le but de la collecte et du traitement des données personnelles est d'envoyer des informations sur les produits et services offerts par IXIT APLICACIONES INFORMATICAS SL. La légitimation se fait avec le consentement de l'intéressé. Vous pouvez exercer vos droits d'accès, de rectification, de limitation et de suppression des données fournies. Pour plus d'informations, consultez notre politique de confidentialité.
    Next Post Previous Post