Forum Discussion

BrandonKoeller's avatar
BrandonKoeller
Icon for Microsoft rankMicrosoft
Aug 12, 2016
Solved

Announcement: Office 365 Secure Score Released to Public Preview

Microsoft is pleased to announce the preview availability of a new security analytics service called the Office 365 Secure Score. The Secure Score is a security analytics tool that will help you unde...
  • Julian Knight's avatar
    Julian Knight
    Dec 15, 2016

    Another issue with Secure Score.

     

    "You should require that all of your users reset their password at least every 60 days"

     

    This is no longer current best practice where strong passphrases and 2FA are used since more rapid enforced change of passwords leads to the use of weaker ones.

Anil Komma's avatar
Anil Komma
Copper Contributor
Mar 30, 2017

I have the same problem

 

403

Sorry! Access denied :(

 

Chris Roberts wrote:
Unable to access this, I get the following:

403
Sorry! Access denied :(
You don't have permission to open this page. If you're a new user or were recently assigned credentials, please wait 15 minutes and try again.

Anyone else seeing this?

 

BrandonKoeller's avatar
BrandonKoeller
Icon for Microsoft rankMicrosoft
Mar 30, 2017

Hey Anil,

Are you setup as some kind of admin in the tenancy in question? You'll need to be an admin to get access.

Thanks!

Brandon Koeller

  • Anil Komma's avatar
    Anil Komma
    Copper Contributor
    Mar 30, 2017
    Thanks Brandon for quick response. I understand now how it works. I am following your video posted here. very useful :)

    my interest is more towards understand the impact of Skype for business online related to secure score.
    for example, if we enable federation with another organization or if any parameters / policies such as allowing file share or allowing app share etc in skype , will it impact the overall secure score?
    interested in learning more architectural parameters related to secure score, which will help me with right conversations with customers and partners on this subject..

    thanks for your help
    • BrandonKoeller's avatar
      BrandonKoeller
      Icon for Microsoft rankMicrosoft
      Apr 10, 2017

      Hey Anil,

      Thanks for the follow-up. There is one control in the action list related to Skype for Business:

       

      "You should not allow your users to communicate with Skype users outside your organization. While there are legitimate, productivity-improving scenarios for this, it also represents a potential security threat in that those external users will now be able to interact with your users over Skype for Business. Attackers may be able to pretend to be someone your user knows, and then send malicious links or attachments, resulting in an account breach, or leaked information. We found that your external domain skype communications setting is set to [Not Measured]. If you restrict this, your score will go up 5 points."

       

      At the moment, the control is not measured, so enabling external domain connections won't actually reduce your score. Long term, we think this is a defense in depth control, however. The risk is marginal, and can be fairly detrimental to user productivity. Its on the list, but ranked relatively low. 

      Thanks!

      Brandon Koeller

Resources