Episode 74
Have you ever wondered how secure your business really is?
In this week’s WineDown, we discuss Microsoft’s security assessment tool, Microsoft Secure Score, how to discover your risks and how to improve your security. And what’s great about this tool is that it’s included with most Microsoft365 subscriptions so there’s no excuse not to use it.
So, what does Secure Score do?
It reviews your Microsoft365 tenancy against a list of best practices and scores you accordingly. It then produces a detailed list of risks and items to improve, each with an indication of how much your score would be improved if that item was addressed.
Sounds simple right? Well, it is!
It’s fairly easy to get a quick report on where you stand but understanding the individual risks and what they mean are another thing. There are also some recommendations that require the use of additional (Microsoft) security products in order to implement. So businesses should assess the level of importance of those items and the investments needed to remediate them. If you’re unsure or need help (and realistically, most businesses will), reach out to the team at TribeTech, who specialises in cyber security solutions and we can help you evaluate.
There’s a lot to do but where to start?
From a business viewpoint, look at the overall score. Plan to make small changes each month so that your score improves over time. Some of the smaller items may be able to be implemented quickly. Others may take some time to address.
Don’t just go and enable everything. Chances are something will break in your environment which may take a lot of effort to work out what is actually wrong. For example, which of the 10 things that I just changed broke my application?
Some of the recommendations can require complex changes to your tenancy and can affect not only applications, but user experiences. These changes should be carefully planned out with the help from your managed IT provider who can communicate the impact of these changes, how they should be executed and tested, and train your users on what to expect.
Other changes can have unexpected consequences. For example, blocking legacy authentication has a high rating. These days it is seen as an easy way to for unauthorised users to get access to a tenancy. Legacy authentication is where applications authenticate with your tenancy using a user-id and password, rather than modern, more secure methods. This was often the case with photocopiers or multi-function devices which would email you what was scanned on them. If you have these and they are configured with legacy authentication methods, these would stop working if you enabled the ’block legacy authentication’ control and had not previously upgraded their firmware and configured them to use modern authentication controls.
Introducing the Microsoft 365 Defender Suite!
These security features are based around the Microsoft 365 Defender suite. Depending on your licence level, you may also have access to vulnerability scanning. This gives you a list of machines in your environment that have known vulnerabilities. It doesn’t cover your entire network, but more and more things are being included over time.
If you have devices that show up in this list, make sure they are patched and kept up to date. One of the most common attack entry points is from known vulnerabilities so you should prioritise your protection against these.
Where to from here?
The important thing to take from this week’s episode is to work with your IT provider to understand your current security state and what can be done to improve it.
Reach out to the cyber security experts at TribeTech for help with your Secure Score and tailored advice to improve your business’ security.
Wine of the Week
Despite Nick being stuck in isolation, the pair were able to enjoy a half bottle of Wolf Blass Grey Label McLaren Vale Shiraz 2019 (4/5⭐).
Scott Atkinson : 02/11/22