SOLVED

Announcement: Office 365 Secure Score Released to Public Preview

%3CLINGO-SUB%20id%3D%22lingo-sub-5429%22%20slang%3D%22en-US%22%3EAnnouncement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5429%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EMicrosoft%20is%20pleased%20to%20announce%20the%20preview%20availability%20of%20a%20new%20security%20analytics%20service%20called%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fsecurescore.office.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3EOffice%20365%20Secure%20Score%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%20The%20Secure%20Score%20is%20a%20security%20analytics%20tool%20that%20will%20help%20you%20understand%20what%20you%20have%20done%20to%20reduce%20the%20risk%20to%20your%20data%20in%20Office%20365%2C%20and%20show%20you%20what%20you%20can%20do%20to%20further%20reduce%20that%20risk.%20We%20think%20of%20it%20as%20a%20credit%20score%20for%20security.%20Our%20approach%20to%20this%20experience%20was%20very%20simple.%20First%2C%20we%20created%20a%20full%20inventory%20of%20all%20the%20security%20configurations%20and%20behaviors%20that%20our%20customers%20can%20do%20to%20mitigate%20risks%20to%20their%20data%20in%20Office%20365%20(there%20are%20about%2077%20total%20things%20that%20we%20identified).%20Then%2C%20we%20evaluated%20the%20extent%20to%20which%20each%20of%20those%20controls%20mitigated%20a%20specific%20set%20of%20risks%20and%20awarded%20the%20control%20some%20points.%20More%20points%20means%20a%20more%20effective%20control%20for%20that%20risk.%20Lastly%2C%20we%20measure%20the%20extent%20to%20which%20your%20service%20has%20adopted%20the%20recommended%20controls%2C%20add%20up%20your%20points%2C%20and%20present%20it%20as%20a%20single%20score.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20core%20idea%20is%20that%20it%20is%20useful%20to%20rationalize%20and%20contextualize%20all%20of%20your%20cloud%20security%20configuration%20and%20behavioral%20options%20into%20one%20simple%2C%20analytical%20framework%2C%20and%20to%20make%20it%20very%20easy%20for%20you%20to%20take%20incremental%20action%20to%20improve%20your%20score%20over%20time.%20Rather%20than%20constructing%20a%20model%20with%20findings%20slotted%20into%20critical%2C%20moderate%2C%20or%20low%20severity%2C%20we%20wanted%20to%20give%20you%20a%20non-reactive%20way%20to%20evaluate%20your%20risk%20and%20make%20incremental%20changes%20over%20time%20that%20add%20up%20to%20a%20very%20effective%20risk%20mitigation%20plan.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20Office%20365%20Secure%20Score%20is%20a%20preview%20experience%2C%20so%20you%20may%20find%20issues%2C%20and%20you%20will%20note%20that%20not%20all%20of%20the%20controls%26nbsp%3B%20are%20being%20measured.%20Please%20share%20any%20issues%20on%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%22%20target%3D%22_blank%22%3E%3CSPAN%3EOffice%20Network%20Group%20for%20Security%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%20You%20can%20access%20the%20Secure%20Score%20at%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fsecurescore.office.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3Ehttps%3A%2F%2Fsecurescore.office.com%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20Secure%20Score%20does%20not%20express%20an%20absolute%20measure%20of%20how%20likely%20you%20are%20to%20get%20breached.%20It%20expresses%20the%20extent%20to%20which%20you%20have%20adopted%20controls%20which%20can%20offset%20the%20risk%20of%20being%20breached.%20No%20service%20can%20guarantee%20that%20you%20will%20not%20be%20breached%2C%20and%20the%20Secure%20Score%20should%20not%20be%20interpreted%20as%20a%20guarantee%20in%20any%20way.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EYour%20Secure%20Score%20Summary%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20first%2C%20most%20important%20piece%20of%20the%20Secure%20Score%20experience%20is%20the%20Score%20Summary.%20This%20panel%20gives%20you%20your%20current%20Secure%20Score%2C%20and%20the%20total%20number%20of%20points%20that%20are%20available%20to%20you%2C%20given%20your%20subscription%20level%2C%20the%20date%20that%20your%20score%20was%20measured%2C%20as%20well%20as%20a%20simple%20pie%20chart%20of%20your%20score.%20The%20denominator%20of%20your%20score%20is%20not%20intended%20to%20be%20a%20goal%20number%20to%20achieve.%20The%20full%20set%20of%20controls%20includes%20several%20that%20are%20very%20aggressive%20and%20will%20potentially%20have%20an%20adverse%20impact%20on%20your%20users%E2%80%99%20productivity.%20Your%20goal%20should%20be%20to%20optimize%20your%20action%20to%20take%20every%20possible%20risk%20mitigating%20action%20while%20preserving%20your%20users%E2%80%99%20productivity.%3C%2FSPAN%3E%3C%2FP%3E%3CIMG%20src%3D%22https%3A%2F%2Fmsdnshared.blob.core.windows.net%2Fmedia%2F2016%2F08%2Fss_summary.png%22%20%2F%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EAs%20mentioned%2C%20the%20Office%20365%20Secure%20Score%20is%20in%20a%20preview%20release.%20Over%20the%20coming%20months%20you%20will%20see%20us%20continue%20to%20add%20new%20controls%2C%20new%20measurements%2C%20and%20improvements%20to%20the%20remediation%20experiences.%20If%20you%20like%20what%20you%20see%2C%20please%20share%20with%20your%20network.%20If%20you%20see%20something%20we%20can%20improve%2C%20please%20share%20it%20with%20us%20on%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%22%20target%3D%22_blank%22%3E%3CSPAN%3EOffice%20Network%20Group%20for%20Security%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%20We%E2%80%99re%20looking%20forward%20to%20seeing%20your%20scores%20go%20up%2C%20and%20making%20the%20Secure%20Score%20experience%20as%20useful%2C%20simple%2C%20and%20easy%20as%20it%20can%20be.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERead%20More%20Here%3A%20%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Fnew-security-analytics-service-finding-and-fixing-risk-in-office-365%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Fnew-security-analytics-service-finding-and-fixing-risk-in-office-365%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-181869%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-181869%22%20slang%3D%22en-US%22%3E%3CP%3ESame%20thing%20is%20happened%20to%20me.%20I'm%20not%20a%20global%20admin.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDoes%20anyone%20know%20what's%20the%20minimum%20access%20required%20to%20access%20this%20feature%3F%3C%2FP%3E%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%26nbsp%3Bwrote%3A%3CBR%20%2F%3EUnable%20to%20access%20this%2C%20I%20get%20the%20following%3A%3CBR%20%2F%3E%3CBR%20%2F%3E403%3CBR%20%2F%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3CBR%20%2F%3EYou%20don't%20have%20permission%20to%20open%20this%20page.%20If%20you're%20a%20new%20user%20or%20were%20recently%20assigned%20credentials%2C%20please%20wait%2015%20minutes%20and%20try%20again.%3CBR%20%2F%3E%3CBR%20%2F%3EAnyone%20else%20seeing%20this%3F%3CHR%20%2F%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FBLOCKQUOTE%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172791%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172791%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Dean%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20have%20not%20heard%20of%20any%20plan%20for%20these%20apps.%26nbsp%3B%26nbsp%3BIf%20you%20have%20ideas%20on%20what%20security%20controls%20should%20be%20measured%20for%20them%2C%20send%20me%20a%20private%20message%20and%20I%20am%20happy%20to%20share%20it%20with%20the%20engineering%20team.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172778%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172778%22%20slang%3D%22en-US%22%3E%3CP%3Ewhat%20are%20the%20plans%20for%20adding%20Power%20Apps%2C%20Flow%20and%2For%20Power%20BI%20to%20Secure%20Score%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172771%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172771%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Greg%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EFor%20the%20MDM%20actions%20we%20currently%20have%20the%20telemetry%20wired%20up%20for%20built%20in%20Office%20365%20MDM%20controls.%26nbsp%3B%20We%20are%20currently%20working%20on%20bringing%20in%20the%20Intune%20telemetry%2C%20so%20hold%26nbsp%3Btight.%26nbsp%3B%26nbsp%3BIf%26nbsp%3Byou%20want%20points%20for%20using%20Intune%20now%20you%20can%20press%20the%20third%20party%20button%20for%20those%20controls.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172012%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172012%22%20slang%3D%22en-US%22%3E%3CP%3ESecure%20score%20is%20great.%20We%20have%20slowly%20been%20tracking%20up%20as%20we%20fix%20the%20items%20that%20have%20been%20shown.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20seem%20to%20get%20incorrect%20scores%20for%20all%20the%20mobile%20options.%20I%20assume%20this%20is%20due%20to%20us%20using%20intune.%20Any%20idea%20when%20the%20secure%20secure%20will%20reflect%20the%20intune%20mobile%20settings%20and%20security%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-118280%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-118280%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Brandon%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI've%20granted%20all%20my%20InfoSec%20guys%20access%20in%20the%20Security%20and%20Compliance%20center%20as%20Security%20Administrators%20and%20Compliance%20Admins%2C%20but%20that%20doesn't%20seem%20to%20allow%20them%20to%20access%20SecureScore.%3CBR%20%2F%3EI%20then%20gave%20them%20Custom%20Administrator%2FReports%20Reader%2C%20but%20they%20still%20got%20403%20when%20accessing%20the%20page.%20Will%20try%20going%20up%20to%20Service%20Admins%20and%20see%20if%20that%20allows%20them%20in.%26nbsp%3BI%20also%20noticed%20that%20Compliance%20Admin%20is%20not%26nbsp%3Blisted%20in%20the%20available%20admin%26nbsp%3Broles%20for%20Office%20365%20users.%20Am%20I%20missing%20a%20preview%20feature%20or%20something%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-106231%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-106231%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20the%20same%20issue%20with%20Intune%20scores%20not%20reflecting.%20We%20have%20been%20moved%20to%20intune%20on%20azure%20with%20Office%20365%20and%20dont%20get%20any%20scores%20showing%20up.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-61751%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-61751%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20John%2C%3C%2FP%3E%0A%3CP%3EThanks%20for%20the%20feedback.%20So%2C%20the%20way%20the%20access%20model%20is%20implemented%20users%20of%20the%20tool%20are%20only%20able%20to%20perform%20actions%20that%20align%20with%20their%20assigned%20role.%20So%2C%20if%20a%20control%20requires%20global%20admin%20permissions%20and%20the%20user%20is%20assigned%20an%20Exchange%20Online%20Admin%20role%2C%20they%20won't%20be%20able%20to%20make%20the%20change.%20This%20leaves%20some%20roles%20such%20as%20Security%20Administrator%20as%20functionally%20read-only%20roles.%20Most%20of%20the%20read-only%20state%20and%20configuration%20data%20is%20already%20accessible%20to%20all%20those%20roles%20anyway%20(although%20it%20would%20take%20more%20work%20to%20get%20the%20state%20data).%20We%20tried%20to%20strike%20a%20balance%20between%20exposure%20of%20the%20recommendations%20to%20the%20right%20set%20of%20company%20stakeholders%26nbsp%3Bwhile%20respecting%20the%20constraints%20of%20their%20assigned%20roles.%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-61380%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-61380%22%20slang%3D%22en-US%22%3EInfoSec%20teams%20who'd%20find%20securescore%20useful%20for%20GRC%20purposes%20wouldnt%20want%20or%20shouldn't%20get%20the%20permission%20required%20to%20access%20it.%20Segregation%20of%20roles%20associated%20with%20access%20to%20this%20kind%20of%20functionality%20would%20be%20v%20useful.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-61242%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-61242%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Anil%2C%3C%2FP%3E%0A%3CP%3EThanks%20for%20the%20follow-up.%20There%20is%20one%20control%20in%20the%20action%20list%20related%20to%20Skype%20for%20Business%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%22You%20should%20not%20allow%20your%20users%20to%20communicate%20with%20Skype%20users%20outside%20your%20organization.%20While%20there%20are%20legitimate%2C%20productivity-improving%20scenarios%20for%20this%2C%20it%20also%20represents%20a%20potential%20security%20threat%20in%20that%20those%20external%20users%20will%20now%20be%20able%20to%20interact%20with%20your%20users%20over%20Skype%20for%20Business.%20Attackers%20may%20be%20able%20to%20pretend%20to%20be%20someone%20your%20user%20knows%2C%20and%20then%20send%20malicious%20links%20or%20attachments%2C%20resulting%20in%20an%20account%20breach%2C%20or%20leaked%20information.%20We%20found%20that%20your%20external%20domain%20skype%20communications%20setting%20is%20set%20to%20%5BNot%20Measured%5D.%20If%20you%20restrict%20this%2C%20your%20score%20will%20go%20up%205%20points.%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAt%20the%20moment%2C%20the%20control%20is%20not%20measured%2C%20so%20enabling%20external%20domain%20connections%20won't%20actually%20reduce%20your%20score.%20Long%20term%2C%20we%20think%20this%20is%20a%20defense%20in%20depth%20control%2C%20however.%20The%20risk%20is%20marginal%2C%20and%20can%20be%20fairly%20detrimental%20to%20user%20productivity.%20Its%20on%20the%20list%2C%20but%20ranked%20relatively%20low.%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-58100%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-58100%22%20slang%3D%22en-US%22%3EThanks%20Brandon%20for%20quick%20response.%20I%20understand%20now%20how%20it%20works.%20I%20am%20following%20your%20video%20posted%20here.%20very%20useful%20%3A)%3C%2Fimg%3E%20%3CBR%20%2F%3E%3CBR%20%2F%3Emy%20interest%20is%20more%20towards%20understand%20the%20impact%20of%20Skype%20for%20business%20online%20related%20to%20secure%20score.%20%3CBR%20%2F%3Efor%20example%2C%20if%20we%20enable%20federation%20with%20another%20organization%20or%20if%20any%20parameters%20%2F%20policies%20such%20as%20allowing%20file%20share%20or%20allowing%20app%20share%20etc%20in%20skype%20%2C%20will%20it%20impact%20the%20overall%20secure%20score%3F%20%3CBR%20%2F%3Einterested%20in%20learning%20more%20architectural%20parameters%20related%20to%20secure%20score%2C%20which%20will%20help%20me%20with%20right%20conversations%20with%20customers%20and%20partners%20on%20this%20subject..%3CBR%20%2F%3E%3CBR%20%2F%3Ethanks%20for%20your%20help%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-58099%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-58099%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Anil%2C%3C%2FP%3E%0A%3CP%3EAre%20you%20setup%20as%20some%20kind%20of%20admin%20in%20the%20tenancy%20in%20question%3F%20You'll%20need%20to%20be%20an%20admin%20to%20get%20access.%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-58098%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-58098%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20the%20same%20problem%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E403%3C%2FP%3E%0A%3CP%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F227%22%20target%3D%22_blank%22%3E%40Chris%20Roberts%3C%2FA%3E%20wrote%3A%3CBR%20%2F%3EUnable%20to%20access%20this%2C%20I%20get%20the%20following%3A%3CBR%20%2F%3E%3CBR%20%2F%3E403%3CBR%20%2F%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3CBR%20%2F%3EYou%20don't%20have%20permission%20to%20open%20this%20page.%20If%20you're%20a%20new%20user%20or%20were%20recently%20assigned%20credentials%2C%20please%20wait%2015%20minutes%20and%20try%20again.Anyone%20else%20seeing%20this%3F%3CHR%20%2F%3E%3C%2FBLOCKQUOTE%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-50161%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-50161%22%20slang%3D%22en-US%22%3E%3CP%3EHey!%20Thanks%20for%20the%20follow-up.%20Service%20Admin%20role%20(and%20any%20other%20admin%20role)%20is%20sufficient%2C%20and%20it%20is%20available%20for%20all%20O365%20customers.%20Thanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49838%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49838%22%20slang%3D%22en-US%22%3E%3CP%3Egreats%20news%20!%3C%2FP%3E%3CP%3Eso%20service%20admin%20role%20would%20be%20sufficiant%20%3F%20is%20it%20available%20already%20on%20all%20tenants%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49619%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49619%22%20slang%3D%22en-US%22%3EThat's%20good%20news%20with%20Secure%20Score%20not%20requiring%20Globlal%20Admin%20anymore%20just%20one%20of%20the%20admin%20roles.%20Thanks%20for%20the%20update.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49587%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49587%22%20slang%3D%22en-US%22%3E%3CP%3EHey!%20Thanks%20for%20reaching%20out.%20There%20isn't%20a%20built%20in%20mailer%20feature%2C%20but%20the%20content%20on%20the%20Score%20Analyzer%20can%20be%20exported%20or%20screenshotted%20to%20stick%20into%20an%20email.%20Also%2C%20I'm%20pleased%20to%20report%20that%20we%20have%20made%20the%20Secure%20Score%20experience%20available%20to%20users%20that%20hold%20any%20administrative%20role%20(user%20admin%2C%20security%20admin%2C%20etc.).%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49530%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49530%22%20slang%3D%22en-US%22%3E%3CP%3Ehi%2C%20do%20have%20or%20plan%20the%20ability%20to%20generate%20the%26nbsp%3Breport%20and%20mail%20them%20to%20determined%20recipients%20%3F%20thanks%3C%2FP%3E%3CP%3E%2B1%20%3A%20also%20for%20the%20ability%20to%20give%20the%20role%20to%20specific%20account%20without%20global%20admin%20role%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-45271%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-45271%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Carol%2C%3C%2FP%3E%0A%3CP%3EThanks%20for%20reaching%20out.%20You%20will%20need%20to%20be%20some%20kind%20of%20administrator%20for%20the%20tenancy%20that%20you%20wish%20to%20see%20the%20secure%20score%20for.%20I%20would%20suggest%20creating%20a%20demo%20tenant%20and%20working%20from%20there.%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-45267%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-45267%22%20slang%3D%22en-US%22%3E%3CP%3EMay%20I%20ask%20for%20access%20please%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-45266%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-45266%22%20slang%3D%22en-US%22%3E%3CP%3EMay%20I%20ask%20for%20access%20please%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-38571%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-38571%22%20slang%3D%22en-US%22%3EAwesome!%20Thanks%20for%20sharing%20and%20for%20the%20community%20support!%20Look%20for%20the%20GA%20announcement%20in%20the%20very%20near%20future%20(along%20with%20a%20couple%20of%20new%20features%2C%20like%20an%20API!).%20Thanks%2C%20Brandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-37446%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-37446%22%20slang%3D%22en-US%22%3E%3CP%3EJust%20a%20quick%20note%2C%20as%20well%20as%20writing%20about%20Office%20365%20Secure%20Score%20on%20my%20personal%20blog%2C%20which%20I%20have%20linked%20to%20previously%2C%20I%20have%20written%20a%20more%26nbsp%3Bcomprehensive%20article%20on%20the%20Technet%20Wiki%20-%20%3CA%20href%3D%22https%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2F36430.office-365-secure-score-find-and-fix-risks-in-office-365.aspx%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EOffice%20365%20Secure%20Score%20-%20Find%20and%20Fix%20Risks%20in%20Office%20365%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'll%20keep%20an%20eye%20on%20the%20content%20as%20things%20change%20but%20it's%20open%20for%20contributions%20in%20general%20from%20the%20community.%20%26nbsp%3BIt's%20my%20first%20Wiki%20article%2C%20so%20it%20been%20an%20interesting%20experience%2C%20it's%20harder%20than%20it%20looks.%20I'm%20looking%20forward%20to%20Secure%20Score%20reaching%20GA%20and%20more%20people%20benefiting%20from%20this%20service.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35906%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35906%22%20slang%3D%22en-US%22%3EHey%20Dean!%20I'll%20ask!%20Thanks%2C%20Brandon%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35905%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35905%22%20slang%3D%22en-US%22%3E%3CP%3EThat%20password%20recommendations%20document%20contains%20a%20lot%20of%20good%20info.%20Can%20you%20get%20it%20copied%20from%20the%20Research%20org%20over%20into%20some%20public%20places%2C%20such%20as%20docs.microsoft.com%20and%20support.office.com%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35850%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35850%22%20slang%3D%22en-US%22%3EHey%20Julian%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback.%20We%20100%25%20agree%2C%20and%20have%20been%20working%20on%20'flipping'%20this%20control%20to%20award%20points%20for%20%2Fnot%2F%20setting%20a%20password%20expiration%20policy.%20Microsoft%20and%20NIST%20both%20recently%20released%20research%20that%20supports%20this%20change%20on%20our%20policies.%20Thanks%20again%20for%20the%20feedback!%3CBR%20%2F%3EAs%20Per%20Microsoft's%20Recommendation%3A%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fresearch%2Fwp-content%2Fuploads%2F2016%2F06%2FMicrosoft_Password_Guidance-1.pdf%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fresearch%2Fwp-content%2Fuploads%2F2016%2F06%2FMicrosoft_Password_Guidance-1.pdf%3C%2FA%3E%3CBR%20%2F%3EAnd%20updated%20NIST%20standards%3A%20%3CA%20href%3D%22https%3A%2F%2Fpages.nist.gov%2F800-63-3%2Fsp800-63-3.html%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fpages.nist.gov%2F800-63-3%2Fsp800-63-3.html%3C%2FA%3E%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35791%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35791%22%20slang%3D%22en-US%22%3E%3CP%3EAnother%20issue%20with%20Secure%20Score.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22%3CSPAN%3EYou%20should%20require%20that%20all%20of%20your%20users%20reset%20their%20password%20at%20least%20every%2060%20days%3C%2FSPAN%3E%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20no%20longer%20current%20best%20practice%20where%20strong%20passphrases%20and%202FA%20are%20used%20since%20more%20rapid%20enforced%20change%20of%20passwords%20leads%20to%20the%20use%20of%20weaker%20ones.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-28680%22%20slang%3D%22en-US%22%3ERE%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-28680%22%20slang%3D%22en-US%22%3EHi%20Brandon%2FKarsten%2C%20I%20have%20the%20same%20issue%2C%20but%20it%20seemed%20to%20work%20fine%20yesterday%20(9th)%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-27512%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-27512%22%20slang%3D%22en-US%22%3EThank%20you%20for%20your%20feedback%20Dean.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-27511%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-27511%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20really%20appreciate%20your%20feedback%20and%20information%20you%20share.%3C%2FP%3E%3CP%3EFollowing%20your%20answer%2C%20i%20discuss%20with%20my%20customer%20ans%20i%20am%20waiting%20information%20from%20him%20about%20role%20he%20would%20like%20to%20Add%20to%20grant%20access%20for%20Secure%20Score%20experience.%3C%2FP%3E%3CP%3EAs%20soon%20as%20i%20receive%20information%2C%20i%20share.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20very%20much%20for%20your%20feedback.%3C%2FP%3E%3CP%3Ebest%20Regards.%3C%2FP%3E%3CP%3EVincent%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-25606%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-25606%22%20slang%3D%22en-US%22%3EHey%20Vincent%2C%3CBR%20%2F%3EThanks%20for%20reaching%20out.%20Dean%20has%20it%20just%20right%20below%3A%20The%20Secure%20Score%20is%20currently%20only%20available%20to%20Global%20Administrators%20because%20the%20breadth%20of%20%2Factions%2F%20that%20the%20Score%20enables%20requires%20that%20level%20of%20access.%20We've%20gotten%20feedback%20that%20some%20customers%20would%20really%20like%20to%20expose%20the%20experience%20to%20non-Admins%20(although%20not%20to%20everyone%20in%20their%20tenancy)%20to%20drive%20more%20awareness.%20Is%20there%20an%20in-built%20role%20in%20the%20service%20that%20you%20think%20you%20would%20want%20to%20use%20to%20grant%20access%20to%20your%20Secure%20Score%20experience%3F%20Security%20Administrators%3F%20Exchange%20and%2For%20SharePoint%20admins%3F%3CBR%20%2F%3EThanks!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-25442%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-25442%22%20slang%3D%22en-US%22%3E%3CP%3ECurrently%2C%20it%20is%20Global%20Admins%20only.%26nbsp%3B%20I%20attended%20an%20O365%20Deep%20Dive%20%26nbsp%3Bwebinar%20a%20few%20days%20ago%20and%20we%20were%20told%20that%20more%20roles%20are%20planned.%20They%20are%20currently%20gathering%20feedback%20so%20that%20they%20can%20determine%20what%20those%20roles%20should%20be.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F2898%22%20target%3D%22_blank%22%3E%40Brandon%20Koeller%3C%2FA%3E%26nbsp%3Bwas%20the%20presenter%20and%20he%20should%20be%20able%20to%20provide%20more%20details%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-25434%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-25434%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWhat%20are%20the%20roles%20other%20than%20the%20admin%20of%20Tenant%20who%20can%20access%20the%20Secure%20O365%20Score%20function%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThank%20you%20very%20much%20for%20your%20help%20and%20feedback.%3C%2FP%3E%0A%3CP%3EVincent%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-24642%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-24642%22%20slang%3D%22en-US%22%3E%3CP%3EOh%2C%20and%20it%20takes%20around%2010%20hours%20to%20run!!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-24641%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-24641%22%20slang%3D%22en-US%22%3E%3CP%3EIt%20turns%20out%20that%20the%20actual%20script%20needed%20to%20validate%20unused%20logins%20is%20significantly%20more%20complex%20than%20the%20example.%20Even%20reworking%20the%20example%20to%20deliver%20the%20maximum%2050k%20entries%20is%20nowhere%20near%20enough%20to%20cope%20with%20the%20logins%20from%20an%20active%208k%20seat%20tenancy%20for%2090d.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20I%20had%20to%20turn%20the%20script%20around%20so%20that%20the%20combined%20audit%20log%20is%20queried%20by%20user.%20Even%20then%20a%20few%20users%20exceeded%205k%20logins%20in%2090d%2C%20one%20admin%20user%20had%20nearly%2020k%20logins%20in%20that%20period.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20new%20example%20script%20is%20on%20GitHub%20here%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FTotallyInformation%2FPowerShell%2Fblob%2Fmaster%2FGet-O365UserLoginStats.ps1%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FTotallyInformation%2FPowerShell%2Fblob%2Fmaster%2FGet-O365UserLoginStats.ps1%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23737%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23737%22%20slang%3D%22en-US%22%3E%3CP%3EI've%20raised%20a%20couple%20of%20issues%20in%20the%20github%20log.%20I%20think%20the%20reason%20it%20thought%20my%20colleague%20hadn't%20logged%20in%20is%20that%20it%20only%20returns%205k%20records.%20That's%20nowhere%20near%20enough%20for%20a%2090d%20review%20of%20logins%20for%208k%20users.%20I'll%20update%20the%20issue%20with%20a%20new%20script%20when%20I've%20finished%20it%20or%20I%20can%20do%20a%20pull%20if%20you%20prefer%2C%20let%20me%20know%20in%20the%20issue%20(I%20am%20TotallyInformation%20on%20GitHub).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23685%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23685%22%20slang%3D%22en-US%22%3E%3CP%3EGreat%20service%20and%20it's%20really%20helped%20secure%20and%20understand%20Office%20365!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOne%20of%20the%20items%20counts%20the%20number%20of%20Exchange%20mailboxes%20with%20auditing%20enabled%20and%20the%20action%20is%20to%20enable%20auditing.%20The%20mailbox%20count%20and%20number%20of%20mailboxes%20with%20auditing%20enabled%20varies%20has%20not%20matched%20my%20mailbox%20count%20and%20their%20audit%20status.%20We're%20new%20to%20Office%20365%20so%20we%20may%20be%20overlooking%20a%20system%20database%20or%20some%20other%20setting.%20We're%20simply%20using%20get-mailbox%20and%20also%20with%20the%20-SoftDeletedMailbox%20and%20-Migration%20switches%20and%20check%20the%20AuditEnabled%20status.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23610%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23610%22%20slang%3D%22en-US%22%3E%3CP%3EAlso%2C%20thanks%20for%20the%20pointer%20to%20the%20Investigation%20Tooling%20Github.%20I've%20run%20the%20script%20to%20check%20for%20users%20not%20logged%20in%20in%20the%20last%2090d%20but%20the%20first%20entry%20that%20it%20reports%20is%20one%20that%20I%20know%20is%20used%20daily%20because%20the%20person%20sits%20behind%20me%20in%20the%20office!%20They%20are%20a%20very%20heavy%20Office%20365%20user%20as%20they%20helped%20my%20set%20up%20our%20tenant.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23606%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23606%22%20slang%3D%22en-US%22%3E%3CP%3ENo%20problem%20Dean.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20don't%20believe%20that%20it%20is%20isolated%20for%20us.%20It's%20just%20that%20this%20is%20the%20first%20time%20I've%20actually%20been%20able%20to%20prove%20it%20happening.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23604%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23604%22%20slang%3D%22en-US%22%3EThanks%20for%20sharing%20this.%20I%20hope%20that%20this%20is%20an%20isolated%20event%2C%20but%20I'll%20do%20some%20research%20on%20my%20clients%20tenant%20to%20see%20if%20the%20same%20problem%20exists%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23599%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23599%22%20slang%3D%22en-US%22%3E%3CP%3EMany%20thanks%20Brandon.%20I've%20been%20tracking%20these%20issues%20for%20some%20while%20but%20I've%20struggled%20to%20pin%20down%20actual%20evidence.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHaving%20just%20revisited%20the%20issues%20that%20I'm%20having.%20I%20now%20have%20hard%20evidence%20from%20the%26nbsp%3Bget-msoluser%20and%20the%20combined%20audit%20log%20that%20something%20is%20very%20badly%20wrong.%20At%20least%20with%20our%20tenancy%20if%20not%20something%20wider.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETwo%20definitive%20issues%3A%20One%20is%20that%20get-msoluser%20consistently%20reports%20some%20users%20with%26nbsp%3BPasswordNeverExpires%20set%20to%20TRUE%20which%20should%20never%20happen.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20second%20is%20even%20more%20serious.%26nbsp%3B%3CSPAN%3EI%20have%20found%20a%20user%20who%20is%20currently%20logged%20into%20the%20system%20but%20according%20to%20the%20Get-MsoUser%20data%20hasn't%20changed%20her%20password%20for%20181%20days%20(our%20tenant%20is%20set%20to%20require%20password%20change%20after%2090d).%20Here%20is%20some%20relevant%20information%3A%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3EBlockCredential%20%3A%20False%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EIsLicensed%20%3A%20True%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3ELastPasswordChangeTimestamp%20%3A%202016-04-22%2011%3A27%3A22%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3ELicenseReconciliationNeeded%20%3A%20False%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EOverallProvisioningStatus%20%3A%20Success%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EPasswordNeverExpires%20%3A%20False%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EStrongPasswordRequired%20%3A%20True%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EStsRefreshTokensValidFrom%20%3A%202016-04-22%2011%3A27%3A22%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EValidationStatus%20%3A%20Healthy%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EWhenCreated%20%3A%202013-05-07%2010%3A11%3A03%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3EChecking%20the%20combined%20audit%20log%20I%20can%20see%20that%20it%20agrees%20that%20the%20user%20last%20changed%20their%20password%20on%20the%2022nd%20April%20but%20they%20are%20still%20logging%20in.%20They%20should%20not%20have%20been%20able%20to%20log%20in%20after%20July%2021st.%20However%2C%20the%20audit%20log%20has%20recorded%2023%20logins%20since%20then.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EPreviously%2C%20I'd%20been%20assuming%20that%20some%20data%20was%20missing%20from%20the%20audit%20logs%20but%20it%20appears%20that%20there%20may%20be%20a%20more%20serious%20issue.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23328%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23328%22%20slang%3D%22en-US%22%3E%3CP%3EIt%20is%20nice%20tool%20and%20this%20is%20what%20we%20really%20need%2C%20we%20couldn't%20expect%20to%20teach%20everyone%20about%20security%20issue%20and%20threats%20and%20they%20just%20want%20to%20press%20one%20key%20to%20see%20what%20is%20going%20on%20and%20we%20are%20the%20one%20in%20background%20working%20to%20make%20sure%20that%20key%20is%20working%20fine.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23123%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23123%22%20slang%3D%22en-US%22%3EHey%20Julian%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback.%20My%20comment%20about%20the%20difficulty%20of%20finding%20source%20data%20in%20the%20system%20is%20related%20to%20the%20complexity%20of%20the%20back%20end%20ecosystem%2C%20not%20the%20availability%20and%20accessibility%20of%20relevant%20data%20for%20customers.%20In%20general%2C%20customer-facing%20data%20stores%20are%20meant%20to%20be%20straightforward%2C%20at%20least%20through%20the%20supported%20interfaces%20(usually%20web%2C%20api%2C%20and%20powershell).%20To%20your%20point%2C%20however%2C%20there%20are%20some%20resources%20that%20you%20can%20use%20to%20get%20your%20answers%3A%3CBR%20%2F%3E-The%20Admin%20Center%20Usage%20Reports%20page%20should%20allow%20you%20to%20discover%20which%20users%20are%20using%20which%20services%20for%20any%20given%20period%20of%20time%3A%20%3CA%20href%3D%22https%3A%2F%2Fportal.office.com%2Fadminportal%2Fhome%23%2FreportsUsage%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fportal.office.com%2Fadminportal%2Fhome%23%2FreportsUsage%3C%2FA%3E%3CBR%20%2F%3E-You%20can%20also%20focus%20just%20on%20logons%20by%20looking%20at%20the%20list%20of%20users%20and%20comparing%20it%20to%20the%20logon%20activity%20logs%20in%20the%20service.%20I've%20taken%20the%20liberty%20of%20whipping%20up%20a%20quick%20powershell%20script%20which%20dumps%20the%20UPNs%20of%20users%20who%20have%20not%20logged%20in%20for%20the%20last%2090%20days%3A%20%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FOfficeDev%2FO365-InvestigationTooling%2Fblob%2Fmaster%2FInactiveUsersLast90Days.ps1%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FOfficeDev%2FO365-InvestigationTooling%2Fblob%2Fmaster%2FInactiveUsersLast90Days.ps1%3C%2FA%3E%3CBR%20%2F%3E-The%20Search-UnifiedAuditLog%20cmdlet%2C%20and%20its%20web%20interface%20(%3CA%20href%3D%22https%3A%2F%2Fprotection.office.com%2F%23%2Funifiedauditlog%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fprotection.office.com%2F%23%2Funifiedauditlog%3C%2FA%3E)%20is%20a%20great%20resource%20to%20tracking%20any%20kind%20of%20activity%20in%20the%20service.%20%3CBR%20%2F%3E-If%20you%20are%20targeting%20illicit%20activity%20detection%20along%20discrete%20threat%20vectors%2C%20you%20can%20also%20use%20our%20'Finding%20Illicit%20Activity%20The%20Old%20Fashioned%20Way'%20article%3A%20%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Ffinding-illicit-activity-the-old-fashioned-way%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Ffinding-illicit-activity-the-old-fashioned-way%2F%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThanks!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22919%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22919%22%20slang%3D%22en-US%22%3E%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F2898%22%20target%3D%22_blank%22%3E%40Brandon%20Koeller%3C%2FA%3E%20wrote%3A%3CBR%20%2F%3EHey%20Paul%2C%3CBR%20%2F%3E...%26nbsp%3BIt%20is%20surprisingly%20hard%20to%20find%20the%20source%20data%20in%20the%20ecosystem%2C%26nbsp%3B...%3CHR%20%2F%3E%3C%2FBLOCKQUOTE%3E%3CP%3EWell%2C%20at%20last!%20Someone%20from%20Microsoft%20acknowledging%20this.%20Perhaps%20you%20could%20also%20raise%20the%20visibility%20of%20some%20of%20the%20audit%20issues%20-%20like%20%3CSTRONG%3Emissing%20data%20from%20the%20audit%20reports%3C%2FSTRONG%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAlso%20perhaps%20you%20could%20get%20someone%20to%20finally%20deal%20with%20the%20issue%20of%20trying%20to%20identify%20which%20users%20have%20%3CEM%3E%3CSTRONG%3Enot%3C%2FSTRONG%3E%20%3C%2FEM%3Eused%20the%20system%20recently%20(e.g.%20have%20not%20logged%20in%20in%20the%20last%2090d).%20This%20appears%20to%20still%20be%20virtually%20impossible%2C%20especially%20when%20users%20are%20not%20using%20Exchange%20Online.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThese%20issues%20are%20causing%20no%20end%20of%20problems.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20recently%20tried%20to%20identify%20people%20not%20using%20the%20system%20in%20order%20to%20recover%20licenses.%20I%20used%20the%20audit%20reports%20for%20the%20last%20180d%20thinking%20that%20at%20the%20very%20least%20all%20active%20users%20must%20have%20changed%20their%20password%20in%20that%20time%20and%20that%20should%20have%20been%20audited.%20Needless%20to%20say%20that%20resulted%20in%20nearly%2010%25%20of%20identified%20users%20that%20were%20actively%20using%20the%20system.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22386%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22386%22%20slang%3D%22en-US%22%3EHi%20Dean%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback.%20Long%20term%2C%20we%20will%20definitely%20exclude%20controls%20for%20services%20that%20you%20don't%20have.%20For%20now%2C%20we've%20opted%20to%20include%20all%20of%20the%20controls%20since%20several%20are%20not%20scored%20to%20help%20users%20understand%20the%20full%20range%20of%20options.%20We%20also%20plan%20to%20give%20you%20the%20ability%20to%20exclude%20specific%20controls%20that%20you%20know%20you%20will%20never%20be%20able%20to%20enact%2C%20even%20if%20they%20pertain%20to%20services%20you%20own.%3CBR%20%2F%3EThanks!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22385%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22385%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Mark%2C%3C%2FP%3E%3CP%3EThanks%20for%20reaching%20out.%20The%20Secure%20Score%20is%20calculated%20once%20per%20day%20(at%201am%20PST).%20Please%20note%20that%20not%20all%20of%20the%20controls%20are%20instrumented%2C%20so%20some%20actions%20might%20not%20reflect%20an%20improvement%20in%20your%20score%20yet%20(those%20controls%20are%20labeled%20%5BNot%20Scored%5D).%20Otherwise%2C%20you%20should%20see%20your%20score%20reflect%20your%20actions%20within%20a%20maximum%20of%2024%20hours!%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22357%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22357%22%20slang%3D%22en-US%22%3E%3CP%3EMy%20client%20is%20not%20using%20Exchange%20Online.%20It%20would%20be%20helpful%20if%20there%20was%26nbsp%3Bsome%20way%20to%20exclude%20the%20actions%20related%20to%20exchange%20from%20the%20%26nbsp%3BSecure%20Score%20recommendations%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-21884%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-21884%22%20slang%3D%22en-US%22%3E%3CP%3EGreat%20tool.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20made%20some%20updates%20to%20improve%20my%20score.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20will%20I%20see%20my%20score%20updated%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-21512%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-21512%22%20slang%3D%22en-US%22%3E%3CP%3EInterested%20to%20see%26nbsp%3BSecure%20Score%20has%20been%20promoted%20this%20week%20via%20the%20Message%20center%2C%26nbsp%3Balso%20there%20have%20been%20further%20advancements%20-%20%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22We%20have%20introduced%20the%20first%20fully%20remediated%20workflow%20under%20the%20control%20%22Designate%20less%20than%205%20tenant%20admins%22.%20Click%20%22Learn%20more%22%20after%20expanding%20the%20widget%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20Get%20Advice%20section%20that%20points%20to%20this%20community%20is%20going%20to%20the%20old%20address%20(%3CA%20href%3D%22https%3A%2F%2Fnetwork.office.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fnetwork.office.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%3C%2FA%3E)%2C%20by%20the%20way%2C%20which%20generates%20a%20certificate%20mismatch.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-16927%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-16927%22%20slang%3D%22en-US%22%3E%3CP%3EHere's%20Brandon's%20session%20from%20Ignite%20on%20Secure%20score%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3C%2FP%3E%3CDIV%20class%3D%22video-embed-center%20video-embed%22%3E%3CIFRAME%20class%3D%22embedly-embed%22%20src%3D%22https%3A%2F%2Fcdn.embedly.com%2Fwidgets%2Fmedia.html%3Fsrc%3Dhttps%253A%252F%252Fwww.youtube.com%252Fembed%252FDS5etmulC4s%253Ffeature%253Doembed%26amp%3Burl%3Dhttp%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DDS5etmulC4s%26amp%3Bimage%3Dhttps%253A%252F%252Fi.ytimg.com%252Fvi%252FDS5etmulC4s%252Fhqdefault.jpg%26amp%3Bkey%3Dfad07bfa4bd747d3bdea27e17b533c0e%26amp%3Btype%3Dtext%252Fhtml%26amp%3Bschema%3Dyoutube%22%20width%3D%22600%22%20height%3D%22337%22%20scrolling%3D%22no%22%20frameborder%3D%220%22%20allow%3D%22autoplay%3B%20fullscreen%22%20allowfullscreen%3D%22true%22%20title%3D%22Video%22%3E%3C%2FIFRAME%3E%3C%2FDIV%3E%3CP%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-14884%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-14884%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Karsten%2C%3C%2FP%3E%3CP%3EThanks%20for%20reaching%20out.%20I%20am%20able%20to%20confirm%20that%20your%20company%20does%20have%20results%20in%20the%20Secure%20Score%20database.%20Can%20you%20email%20securescore%40microsoft.com%20so%20we%20can%20connect%20offline%20and%20troubleshoot%3F%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-14610%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-14610%22%20slang%3D%22en-US%22%3E%3CP%3EHI%20Brandon%2C%3C%2FP%3E%3CP%3Ewhen%20I%20try%20to%20access%20my%20demo%20tenant%2C%20I%20do%20not%20get%20any%20current%20scoring.%3C%2FP%3E%3CP%3EThe%20box%26nbsp%3B%20%22Your%20Secure%20Score%20is%3A%22%20is%20missing.%26nbsp%3B%20Instead%20I%20see%20only%20a%20target%20score.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20I%20need%20a%20valid%20subscription%20in%20Azure%20first%20to%20setup%20Scure%20Score%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-left%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F4507i0CB38DA15890E429%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22Untitled.png%22%20title%3D%22Untitled.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13732%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13732%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Ole%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20feedback!%20You%20are%20reading%20our%20minds.%20We%20are%20working%20on%20publishing%20the%20secure%20score%20data%20through%20API%20end%20points%20that%20will%20live%20in%20the%20same%20place%20as%20the%20Management%20Activity%20API%20endpoints%20(which%20provide%20activity%20and%20audit%20data)%2C%20so%20that%20our%20third%20party%20ISV%20partners%20can%20%2Fsuper%2F%20easily%20include%20this%20data%20in%20their%20stores.%20OMS%20is%20one%20of%20those%20key%20partners.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13544%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13544%22%20slang%3D%22en-US%22%3E%3CP%3ECould%20I%20suggest%20integration%20with%20OMS%2C%20Security%20and%20Audit.%20Maybe%20also%20for%20alerting%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13289%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13289%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Julian%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20feedback.%20It%20is%20our%20intention%20to%20integrate%20the%20experience%20into%20the%20Security%20and%20Compliance%20Center%20once%20we%20can%26nbsp%3Bprove%20that%20the%20concept%20is%20an%20effective%20way%20to%20drive%26nbsp%3Bimprovements%20to%20customer%20risk%20postures.%26nbsp%3BPlease%20let%26nbsp%3Byour%20peers%20know%20about%20the%20Score%2C%20and%20let%20us%20know%20if%20you%20have%20any%20feedback%20about%20the%20experience.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13039%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13039%22%20slang%3D%22en-US%22%3E%3CP%3EI%20assume%20that%20this%20will%20also%20eventually%20be%20at%20least%20linked%20from%20the%20Security%20%26amp%3B%20Compliance%20portal%20so%20everything%20is%20in%20one%20place%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-8843%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-8843%22%20slang%3D%22en-US%22%3E%3CP%3EHey!%3C%2FP%3E%3CP%3EVasil's%20got%20it%20right.%20I%20should%20also%20note%20that%20the%20Secure%20Score%20gives%20MFA%20credit%20to%20organizations%20that%20have%20MFA%20enabled%20in%20dirsync'ed%20on-prem%20directories%2C%20so%20long%20as%20the%20federated%20directory%20configuration%20includes%20the%20'SupportsMFA'%20flag%20in%20AAD.%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-8574%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-8574%22%20slang%3D%22en-US%22%3E%3CP%3ENewer%20versions%20of%20AADConnect%20support%20MFA%2C%20using%20a%20GA%20account%20with%20MFA%20enabled%20should%20not%20be%20a%20problem.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-8548%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-8548%22%20slang%3D%22en-US%22%3E%3CP%3EWas%20looking%20at%20my%20admins%2C%20and%20notice%20I%20have%20a%20Dirsync%20Admin%2C%20how%20do%20I%20setup%20the%20Dirysync%20admin%20with%20MFA%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20also%20have%20an%20admin%20my%20vendor%20setup%20as%20the%20initial%20admin%2C%20and%20said%20we%20did%20not%20need%20to%20use%20this%20but%20it%20had%20to%20be%20there%20MFA%2C%20is%20this%20true%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-7463%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-7463%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20the%20reply%2C%20however%20I'm%20using%20my%20account%20and%20I%20am%20a%20global%20administrator.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-7461%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-7461%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Chris%2C%3C%2FP%3E%3CP%3ESorry%20for%20the%20trouble.%20The%20most%20likely%20cause%20is%20that%20the%20acocunt%20you%20are%20using%20has%20not%20been%20assigned%20the%20global%20administrator%20role.%20The%20Secure%20Score%20requires%20that%20privilege%20level%20at%20the%20moment.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-7363%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-7363%22%20slang%3D%22en-US%22%3EUnable%20to%20access%20this%2C%20I%20get%20the%20following%3A%3CBR%20%2F%3E%3CBR%20%2F%3E403%3CBR%20%2F%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3CBR%20%2F%3EYou%20don't%20have%20permission%20to%20open%20this%20page.%20If%20you're%20a%20new%20user%20or%20were%20recently%20assigned%20credentials%2C%20please%20wait%2015%20minutes%20and%20try%20again.Anyone%20else%20seeing%20this%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-6960%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-6960%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Brandon%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20been%20impressed%20with%20Secure%20Score%2C%20I%20think%20it%20has%20a%20lot%20of%20potential%2C%20already%20it%20seems%20very%20useful.%20%26nbsp%3BIncidentally%2C%20I%20have%20put%20some%20feedback%20in%20a%20post%20on%20my%20blog%20-%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fcianallner.com%2Ffind-office-365-secure-score-is-tenant-secure%2F%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcianallner.com%2Ffind-office-365-secure-score-is-tenant-secure%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-6877%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-6877%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Jason%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20feedback.%20That%20is%20definitely%20our%20intention.%20API%20access%20is%20on%20the%20docket%20for%20the%20near%20future.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5906%22%20slang%3D%22en-US%22%3ERE%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5906%22%20slang%3D%22en-US%22%3EWill%20the%20service%20be%20accessible%20through%20API%3F%20We%20would%20like%20to%20provide%20that%20score%20to%20our%20CSP%20clients.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5788%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5788%22%20slang%3D%22en-US%22%3EHey%20Paul%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback!%20I'm%20adding%20the%20notification%20feature%20to%20the%20backlog.%20We%20intend%20to%20provide%20an%20easy%20way%20to%20'undo'%20any%20given%20action%2C%20but%20I%20agree%20that%20a%20notification%20is%20a%20good%20extension%20of%20the%20control%20framework.%3CBR%20%2F%3EFor%20your%20second%20question%2C%20the%20%5BNot%20Scored%5D%20items%20are%20definitely%20intended%20to%20be%20scored%20eventually.%20It%20is%20surprisingly%20hard%20to%20find%20the%20source%20data%20in%20the%20ecosystem%2C%20and%20we%20wanted%20to%20get%20the%20experience%20in%20the%20hands%20of%20real%20users%20sooner%20rather%20than%20later.%20We%20exposed%20the%20full%20list%20of%20controls%20because%20we'd%20love%20to%20hear%20if%20you%20think%20we've%20missed%20anything%2C%20or%20that%20the%20identified%20control%20is%20off%20target.%3CBR%20%2F%3ELastly%2C%20I%20think%20facilitating%20a%20regular%20review%20cadence%20is%20a%20good%20suggestion.%20Several%20of%20the%20controls%20are%20for%20report%20reviews%2C%20which%20happen%20weekly%20or%20monthly.%20We%20explicitly%20wanted%20to%20avoid%20an%20'alerting'%20framework%2C%20but%20finding%20ways%20to%20poke%20you%20to%20come%20back%20is%20a%20good%20suggestion.%20Possibly%20might%20use%20the%20Security%20and%20Compliance%20Center%20'Action%20Center'%20functionality%20for%20that.%20For%20now%2C%20you'll%20have%20to%20manage%20manually.%3CBR%20%2F%3EThanks%20again%20for%20the%20feedback!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5787%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5787%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Dennis%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20suggestion!%20Adding%20it%20to%20the%20list.%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5692%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5692%22%20slang%3D%22en-US%22%3E%3CP%3EI'd%20like%20to%20see%20alerting%20for%20score%20changes.%20If%20I%20do%20the%20work%20to%20improve%20security%2C%20and%20then%20another%20global%20admin%20undoes%20some%20of%20that%20work%20maliciously%20or%20through%20error%2C%20being%20notified%20of%20a%20score%20change%20would%20be%20useful.%20It%20would%20also%20be%20helpful%20to%20be%20notified%20of%20new%20items%20when%20they%20are%20added%20to%20the%20tool.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJust%20to%20clarify%2C%20the%20%5BNot%20Scored%5D%20items%20such%20as%20reviewing%20reports%2C%20is%20the%20intention%20to%20score%20them%20eventually%3F%20E.g.%20if%20I%20click%20through%20that%20item%20and%20review%20the%20report%2C%20does%20Secure%20Score%20see%20that%20and%20add%20points%20to%20the%20score%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAlso%20will%20Secure%20Score%20facilitate%20the%20regular%20reviews%3F%20E.g.%20by%20emailing%2Fnotifying%20me%20when%20a%20review%20item%20is%20due%20for%20another%20review%3F%20Or%20will%20I%20need%20to%20self-maintain%20that%20via%20a%20calendar%20item%20or%20similar%20mechanism%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5534%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5534%22%20slang%3D%22en-US%22%3E%3CP%3EWell%2C%20I%20do%20miss%20the%20PowerShell%20bit%20-%20always%20good%20to%20know%20what%20exactly%20a%20tool%20is%20doing.%20In%20this%20regard%20I%20do%20think%20you%20should%20update%20the%20consent%20part%2C%20for%20example%20make%20sure%20that%20the%20publisher%20is%20listed%20as%20Microsoft%2C%20and%20provide%20a%20clear%20explanation%20why%20you%20need%20the%20type%20of%20permissions%20(%22write%20directory%20data%22%20can%20be%20a%20hard%20sell%20to%20some%20organizations%20as%20it%20can%20easily%20be%20taken%20out%20of%20context).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOther%20that%20that%20-%20it's%20cool.%20Obviously%20needs%20some%20more%20work%2C%20lots%20of%20UI%20glitches%2C%20lots%20of%20missing%2Finactive%20controls%2C%20but%20overall%20I%20like%20it.%20A%20%22rescan%22%20button%20might%20be%20handy%3F%20Also%20some%20sort%20of%20filter%2Ftemplate%20per%20industry%20or%20per%20security%20standard%2C%20so%20that%20people%20can%20easily%20check%20where%20they%20stand%20in%20terms%20of%20meeting%20compliance%20for%20their%20particular%20needs.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWill%20do%20a%20more%20detailed%20review%2Fblog%20post%20in%20the%20next%20days%20and%20send%20some%20additional%20feedback%20your%20way.%20Lots%20has%20changed%20in%20the%20service%20since%20the%20last%20time%20I%20spammed%20o365securescore%40microsoft.com%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5530%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5530%22%20slang%3D%22en-US%22%3E%3CP%3EWould%20be%20great%20if%20this%20tool%20was%20integrated%20in%20the%20Office%20365%20partner-site%2C%20so%20we%20can%20check%20the%20health%20of%20all%20our%20Office%20365%20customers%20in%20a%20single%20overview!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5451%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5451%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Vasil!%3C%2FP%3E%3CP%3EYep%2C%20it%20was%20in%20an%20alpha%20preview%20and%20was%20based%20on%20a%20manual%20collection%20of%20data%20via%20powershell.%20The%20new%20site%20is%20a%20non-alpha%20preview%2C%20and%20the%20collection%20is%20all%20automated.%20We've%20done%20a%20lot%20of%20work%20to%20refine%20the%20consumption%20experience%2C%20and%20have%20around%2030%20controls'%20worth%20of%20data%20collection%20automated.%20Goal%20is%20to%20have%20all%2077%20controls%20automatically%20collected%2C%20and%20to%20have%20all%20controls%20with%20a%20two-click%20remediation.%20Feedback%20is%20greatly%20appreciated!%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5433%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5433%22%20slang%3D%22en-US%22%3E%3CP%3EWasn't%20it%20in%20Preview%20already%3F%20Or%20was%20that%20Private%3F%26nbsp%3BCause%20the%20links%20were%20publicly%20accessible%20and%20I've%20even%20showcased%20it%20on%26nbsp%3Ba%20local%20user%20group%20session...%20whoops%3F%26nbsp%3B%3A)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyway%2C%20the%20idea%20is%20awesome%2C%20the%20tool%20was%20lacking%20some%20stuff%20last%20time%20I%20tried%20it%20though.%20Will%20give%20it%20a%20spin%20over%20the%20weekend%20and%20report%20back%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

Microsoft is pleased to announce the preview availability of a new security analytics service called the Office 365 Secure Score. The Secure Score is a security analytics tool that will help you understand what you have done to reduce the risk to your data in Office 365, and show you what you can do to further reduce that risk. We think of it as a credit score for security. Our approach to this experience was very simple. First, we created a full inventory of all the security configurations and behaviors that our customers can do to mitigate risks to their data in Office 365 (there are about 77 total things that we identified). Then, we evaluated the extent to which each of those controls mitigated a specific set of risks and awarded the control some points. More points means a more effective control for that risk. Lastly, we measure the extent to which your service has adopted the recommended controls, add up your points, and present it as a single score.

 

The core idea is that it is useful to rationalize and contextualize all of your cloud security configuration and behavioral options into one simple, analytical framework, and to make it very easy for you to take incremental action to improve your score over time. Rather than constructing a model with findings slotted into critical, moderate, or low severity, we wanted to give you a non-reactive way to evaluate your risk and make incremental changes over time that add up to a very effective risk mitigation plan.

 

The Office 365 Secure Score is a preview experience, so you may find issues, and you will note that not all of the controls  are being measured. Please share any issues on the Office Network Group for Security. You can access the Secure Score at https://securescore.office.com.

 

The Secure Score does not express an absolute measure of how likely you are to get breached. It expresses the extent to which you have adopted controls which can offset the risk of being breached. No service can guarantee that you will not be breached, and the Secure Score should not be interpreted as a guarantee in any way.

 

Your Secure Score Summary

The first, most important piece of the Secure Score experience is the Score Summary. This panel gives you your current Secure Score, and the total number of points that are available to you, given your subscription level, the date that your score was measured, as well as a simple pie chart of your score. The denominator of your score is not intended to be a goal number to achieve. The full set of controls includes several that are very aggressive and will potentially have an adverse impact on your users’ productivity. Your goal should be to optimize your action to take every possible risk mitigating action while preserving your users’ productivity.

 

As mentioned, the Office 365 Secure Score is in a preview release. Over the coming months you will see us continue to add new controls, new measurements, and improvements to the remediation experiences. If you like what you see, please share with your network. If you see something we can improve, please share it with us on the Office Network Group for Security. We’re looking forward to seeing your scores go up, and making the Secure Score experience as useful, simple, and easy as it can be.

 

Read More Here: https://blogs.technet.microsoft.com/office365security/new-security-analytics-service-finding-and-fix...

72 Replies

Hello,

 

What are the roles other than the admin of Tenant who can access the Secure O365 Score function?

 

Thank you very much for your help and feedback.

Vincent

Currently, it is Global Admins only.  I attended an O365 Deep Dive  webinar a few days ago and we were told that more roles are planned. They are currently gathering feedback so that they can determine what those roles should be.

 

@Brandon Koeller was the presenter and he should be able to provide more details

Hey Vincent,
Thanks for reaching out. Dean has it just right below: The Secure Score is currently only available to Global Administrators because the breadth of /actions/ that the Score enables requires that level of access. We've gotten feedback that some customers would really like to expose the experience to non-Admins (although not to everyone in their tenancy) to drive more awareness. Is there an in-built role in the service that you think you would want to use to grant access to your Secure Score experience? Security Administrators? Exchange and/or SharePoint admins?
Thanks!
Brandon Koeller

Hello,

 

I really appreciate your feedback and information you share.

Following your answer, i discuss with my customer ans i am waiting information from him about role he would like to Add to grant access for Secure Score experience.

As soon as i receive information, i share.

 

Thank you very much for your feedback.

best Regards.

Vincent

Thank you for your feedback Dean.
Hi Brandon/Karsten, I have the same issue, but it seemed to work fine yesterday (9th)
best response confirmed by Deleted
Solution

Another issue with Secure Score.

 

"You should require that all of your users reset their password at least every 60 days"

 

This is no longer current best practice where strong passphrases and 2FA are used since more rapid enforced change of passwords leads to the use of weaker ones.

Hey Julian,
Thanks for the feedback. We 100% agree, and have been working on 'flipping' this control to award points for /not/ setting a password expiration policy. Microsoft and NIST both recently released research that supports this change on our policies. Thanks again for the feedback!
As Per Microsoft's Recommendation: https://www.microsoft.com/en-us/research/wp-content/uploads/2016/06/Microsoft_Password_Guidance-1.pd...
And updated NIST standards: https://pages.nist.gov/800-63-3/sp800-63-3.html
Brandon Koeller

That password recommendations document contains a lot of good info. Can you get it copied from the Research org over into some public places, such as docs.microsoft.com and support.office.com?

Hey Dean! I'll ask! Thanks, Brandon

Just a quick note, as well as writing about Office 365 Secure Score on my personal blog, which I have linked to previously, I have written a more comprehensive article on the Technet Wiki - Office 365 Secure Score - Find and Fix Risks in Office 365.

 

I'll keep an eye on the content as things change but it's open for contributions in general from the community.  It's my first Wiki article, so it been an interesting experience, it's harder than it looks. I'm looking forward to Secure Score reaching GA and more people benefiting from this service.

Awesome! Thanks for sharing and for the community support! Look for the GA announcement in the very near future (along with a couple of new features, like an API!). Thanks, Brandon Koeller

May I ask for access please?

May I ask for access please?

Hey Carol,

Thanks for reaching out. You will need to be some kind of administrator for the tenancy that you wish to see the secure score for. I would suggest creating a demo tenant and working from there.

Thanks!

Brandon Koeller

hi, do have or plan the ability to generate the report and mail them to determined recipients ? thanks

+1 : also for the ability to give the role to specific account without global admin role

Hey! Thanks for reaching out. There isn't a built in mailer feature, but the content on the Score Analyzer can be exported or screenshotted to stick into an email. Also, I'm pleased to report that we have made the Secure Score experience available to users that hold any administrative role (user admin, security admin, etc.). 

Thanks!

Brandon Koeller

That's good news with Secure Score not requiring Globlal Admin anymore just one of the admin roles. Thanks for the update.

greats news !

so service admin role would be sufficiant ? is it available already on all tenants ?

Hey! Thanks for the follow-up. Service Admin role (and any other admin role) is sufficient, and it is available for all O365 customers. Thanks!

Brandon Koeller

www.000webhost.com