SOLVED
Home

Announcement: Office 365 Secure Score Released to Public Preview

%3CLINGO-SUB%20id%3D%22lingo-sub-5429%22%20slang%3D%22en-US%22%3EAnnouncement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5429%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EMicrosoft%20is%20pleased%20to%20announce%20the%20preview%20availability%20of%20a%20new%20security%20analytics%20service%20called%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fsecurescore.office.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CSPAN%3EOffice%20365%20Secure%20Score%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%20The%20Secure%20Score%20is%20a%20security%20analytics%20tool%20that%20will%20help%20you%20understand%20what%20you%20have%20done%20to%20reduce%20the%20risk%20to%20your%20data%20in%20Office%20365%2C%20and%20show%20you%20what%20you%20can%20do%20to%20further%20reduce%20that%20risk.%20We%20think%20of%20it%20as%20a%20credit%20score%20for%20security.%20Our%20approach%20to%20this%20experience%20was%20very%20simple.%20First%2C%20we%20created%20a%20full%20inventory%20of%20all%20the%20security%20configurations%20and%20behaviors%20that%20our%20customers%20can%20do%20to%20mitigate%20risks%20to%20their%20data%20in%20Office%20365%20(there%20are%20about%2077%20total%20things%20that%20we%20identified).%20Then%2C%20we%20evaluated%20the%20extent%20to%20which%20each%20of%20those%20controls%20mitigated%20a%20specific%20set%20of%20risks%20and%20awarded%20the%20control%20some%20points.%20More%20points%20means%20a%20more%20effective%20control%20for%20that%20risk.%20Lastly%2C%20we%20measure%20the%20extent%20to%20which%20your%20service%20has%20adopted%20the%20recommended%20controls%2C%20add%20up%20your%20points%2C%20and%20present%20it%20as%20a%20single%20score.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20core%20idea%20is%20that%20it%20is%20useful%20to%20rationalize%20and%20contextualize%20all%20of%20your%20cloud%20security%20configuration%20and%20behavioral%20options%20into%20one%20simple%2C%20analytical%20framework%2C%20and%20to%20make%20it%20very%20easy%20for%20you%20to%20take%20incremental%20action%20to%20improve%20your%20score%20over%20time.%20Rather%20than%20constructing%20a%20model%20with%20findings%20slotted%20into%20critical%2C%20moderate%2C%20or%20low%20severity%2C%20we%20wanted%20to%20give%20you%20a%20non-reactive%20way%20to%20evaluate%20your%20risk%20and%20make%20incremental%20changes%20over%20time%20that%20add%20up%20to%20a%20very%20effective%20risk%20mitigation%20plan.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20Office%20365%20Secure%20Score%20is%20a%20preview%20experience%2C%20so%20you%20may%20find%20issues%2C%20and%20you%20will%20note%20that%20not%20all%20of%20the%20controls%26nbsp%3B%20are%20being%20measured.%20Please%20share%20any%20issues%20on%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%22%20target%3D%22_blank%22%3E%3CSPAN%3EOffice%20Network%20Group%20for%20Security%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%20You%20can%20access%20the%20Secure%20Score%20at%20%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fsecurescore.office.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CSPAN%3Ehttps%3A%2F%2Fsecurescore.office.com%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20Secure%20Score%20does%20not%20express%20an%20absolute%20measure%20of%20how%20likely%20you%20are%20to%20get%20breached.%20It%20expresses%20the%20extent%20to%20which%20you%20have%20adopted%20controls%20which%20can%20offset%20the%20risk%20of%20being%20breached.%20No%20service%20can%20guarantee%20that%20you%20will%20not%20be%20breached%2C%20and%20the%20Secure%20Score%20should%20not%20be%20interpreted%20as%20a%20guarantee%20in%20any%20way.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EYour%20Secure%20Score%20Summary%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20first%2C%20most%20important%20piece%20of%20the%20Secure%20Score%20experience%20is%20the%20Score%20Summary.%20This%20panel%20gives%20you%20your%20current%20Secure%20Score%2C%20and%20the%20total%20number%20of%20points%20that%20are%20available%20to%20you%2C%20given%20your%20subscription%20level%2C%20the%20date%20that%20your%20score%20was%20measured%2C%20as%20well%20as%20a%20simple%20pie%20chart%20of%20your%20score.%20The%20denominator%20of%20your%20score%20is%20not%20intended%20to%20be%20a%20goal%20number%20to%20achieve.%20The%20full%20set%20of%20controls%20includes%20several%20that%20are%20very%20aggressive%20and%20will%20potentially%20have%20an%20adverse%20impact%20on%20your%20users%E2%80%99%20productivity.%20Your%20goal%20should%20be%20to%20optimize%20your%20action%20to%20take%20every%20possible%20risk%20mitigating%20action%20while%20preserving%20your%20users%E2%80%99%20productivity.%3C%2FSPAN%3E%3C%2FP%3E%3CIMG%20src%3D%22https%3A%2F%2Fmsdnshared.blob.core.windows.net%2Fmedia%2F2016%2F08%2Fss_summary.png%22%20%2F%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EAs%20mentioned%2C%20the%20Office%20365%20Secure%20Score%20is%20in%20a%20preview%20release.%20Over%20the%20coming%20months%20you%20will%20see%20us%20continue%20to%20add%20new%20controls%2C%20new%20measurements%2C%20and%20improvements%20to%20the%20remediation%20experiences.%20If%20you%20like%20what%20you%20see%2C%20please%20share%20with%20your%20network.%20If%20you%20see%20something%20we%20can%20improve%2C%20please%20share%20it%20with%20us%20on%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%22%20target%3D%22_blank%22%3E%3CSPAN%3EOffice%20Network%20Group%20for%20Security%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E.%20We%E2%80%99re%20looking%20forward%20to%20seeing%20your%20scores%20go%20up%2C%20and%20making%20the%20Secure%20Score%20experience%20as%20useful%2C%20simple%2C%20and%20easy%20as%20it%20can%20be.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERead%20More%20Here%3A%20%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Fnew-security-analytics-service-finding-and-fixing-risk-in-office-365%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Fnew-security-analytics-service-finding-and-fixing-risk-in-office-365%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-181869%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-181869%22%20slang%3D%22en-US%22%3E%3CP%3ESame%20thing%20is%20happened%20to%20me.%20I'm%20not%20a%20global%20admin.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDoes%20anyone%20know%20what's%20the%20minimum%20access%20required%20to%20access%20this%20feature%3F%3C%2FP%3E%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%26nbsp%3Bwrote%3A%3CBR%20%2F%3EUnable%20to%20access%20this%2C%20I%20get%20the%20following%3A%3CBR%20%2F%3E%3CBR%20%2F%3E403%3CBR%20%2F%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3CBR%20%2F%3EYou%20don't%20have%20permission%20to%20open%20this%20page.%20If%20you're%20a%20new%20user%20or%20were%20recently%20assigned%20credentials%2C%20please%20wait%2015%20minutes%20and%20try%20again.%3CBR%20%2F%3E%3CBR%20%2F%3EAnyone%20else%20seeing%20this%3F%3CHR%20%2F%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FBLOCKQUOTE%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172791%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172791%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Dean%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20have%20not%20heard%20of%20any%20plan%20for%20these%20apps.%26nbsp%3B%26nbsp%3BIf%20you%20have%20ideas%20on%20what%20security%20controls%20should%20be%20measured%20for%20them%2C%20send%20me%20a%20private%20message%20and%20I%20am%20happy%20to%20share%20it%20with%20the%20engineering%20team.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172778%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172778%22%20slang%3D%22en-US%22%3E%3CP%3Ewhat%20are%20the%20plans%20for%20adding%20Power%20Apps%2C%20Flow%20and%2For%20Power%20BI%20to%20Secure%20Score%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172771%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172771%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Greg%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EFor%20the%20MDM%20actions%20we%20currently%20have%20the%20telemetry%20wired%20up%20for%20built%20in%20Office%20365%20MDM%20controls.%26nbsp%3B%20We%20are%20currently%20working%20on%20bringing%20in%20the%20Intune%20telemetry%2C%20so%20hold%26nbsp%3Btight.%26nbsp%3B%26nbsp%3BIf%26nbsp%3Byou%20want%20points%20for%20using%20Intune%20now%20you%20can%20press%20the%20third%20party%20button%20for%20those%20controls.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-172012%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-172012%22%20slang%3D%22en-US%22%3E%3CP%3ESecure%20score%20is%20great.%20We%20have%20slowly%20been%20tracking%20up%20as%20we%20fix%20the%20items%20that%20have%20been%20shown.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20seem%20to%20get%20incorrect%20scores%20for%20all%20the%20mobile%20options.%20I%20assume%20this%20is%20due%20to%20us%20using%20intune.%20Any%20idea%20when%20the%20secure%20secure%20will%20reflect%20the%20intune%20mobile%20settings%20and%20security%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-118280%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-118280%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Brandon%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI've%20granted%20all%20my%20InfoSec%20guys%20access%20in%20the%20Security%20and%20Compliance%20center%20as%20Security%20Administrators%20and%20Compliance%20Admins%2C%20but%20that%20doesn't%20seem%20to%20allow%20them%20to%20access%20SecureScore.%3CBR%20%2F%3EI%20then%20gave%20them%20Custom%20Administrator%2FReports%20Reader%2C%20but%20they%20still%20got%20403%20when%20accessing%20the%20page.%20Will%20try%20going%20up%20to%20Service%20Admins%20and%20see%20if%20that%20allows%20them%20in.%26nbsp%3BI%20also%20noticed%20that%20Compliance%20Admin%20is%20not%26nbsp%3Blisted%20in%20the%20available%20admin%26nbsp%3Broles%20for%20Office%20365%20users.%20Am%20I%20missing%20a%20preview%20feature%20or%20something%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-106231%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-106231%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20the%20same%20issue%20with%20Intune%20scores%20not%20reflecting.%20We%20have%20been%20moved%20to%20intune%20on%20azure%20with%20Office%20365%20and%20dont%20get%20any%20scores%20showing%20up.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-61751%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-61751%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20John%2C%3C%2FP%3E%0A%3CP%3EThanks%20for%20the%20feedback.%20So%2C%20the%20way%20the%20access%20model%20is%20implemented%20users%20of%20the%20tool%20are%20only%20able%20to%20perform%20actions%20that%20align%20with%20their%20assigned%20role.%20So%2C%20if%20a%20control%20requires%20global%20admin%20permissions%20and%20the%20user%20is%20assigned%20an%20Exchange%20Online%20Admin%20role%2C%20they%20won't%20be%20able%20to%20make%20the%20change.%20This%20leaves%20some%20roles%20such%20as%20Security%20Administrator%20as%20functionally%20read-only%20roles.%20Most%20of%20the%20read-only%20state%20and%20configuration%20data%20is%20already%20accessible%20to%20all%20those%20roles%20anyway%20(although%20it%20would%20take%20more%20work%20to%20get%20the%20state%20data).%20We%20tried%20to%20strike%20a%20balance%20between%20exposure%20of%20the%20recommendations%20to%20the%20right%20set%20of%20company%20stakeholders%26nbsp%3Bwhile%20respecting%20the%20constraints%20of%20their%20assigned%20roles.%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-61380%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-61380%22%20slang%3D%22en-US%22%3EInfoSec%20teams%20who'd%20find%20securescore%20useful%20for%20GRC%20purposes%20wouldnt%20want%20or%20shouldn't%20get%20the%20permission%20required%20to%20access%20it.%20Segregation%20of%20roles%20associated%20with%20access%20to%20this%20kind%20of%20functionality%20would%20be%20v%20useful.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-61242%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-61242%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Anil%2C%3C%2FP%3E%0A%3CP%3EThanks%20for%20the%20follow-up.%20There%20is%20one%20control%20in%20the%20action%20list%20related%20to%20Skype%20for%20Business%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%22You%20should%20not%20allow%20your%20users%20to%20communicate%20with%20Skype%20users%20outside%20your%20organization.%20While%20there%20are%20legitimate%2C%20productivity-improving%20scenarios%20for%20this%2C%20it%20also%20represents%20a%20potential%20security%20threat%20in%20that%20those%20external%20users%20will%20now%20be%20able%20to%20interact%20with%20your%20users%20over%20Skype%20for%20Business.%20Attackers%20may%20be%20able%20to%20pretend%20to%20be%20someone%20your%20user%20knows%2C%20and%20then%20send%20malicious%20links%20or%20attachments%2C%20resulting%20in%20an%20account%20breach%2C%20or%20leaked%20information.%20We%20found%20that%20your%20external%20domain%20skype%20communications%20setting%20is%20set%20to%20%5BNot%20Measured%5D.%20If%20you%20restrict%20this%2C%20your%20score%20will%20go%20up%205%20points.%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAt%20the%20moment%2C%20the%20control%20is%20not%20measured%2C%20so%20enabling%20external%20domain%20connections%20won't%20actually%20reduce%20your%20score.%20Long%20term%2C%20we%20think%20this%20is%20a%20defense%20in%20depth%20control%2C%20however.%20The%20risk%20is%20marginal%2C%20and%20can%20be%20fairly%20detrimental%20to%20user%20productivity.%20Its%20on%20the%20list%2C%20but%20ranked%20relatively%20low.%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-58100%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-58100%22%20slang%3D%22en-US%22%3EThanks%20Brandon%20for%20quick%20response.%20I%20understand%20now%20how%20it%20works.%20I%20am%20following%20your%20video%20posted%20here.%20very%20useful%20%3A)%3C%2Fimg%3E%20%3CBR%20%2F%3E%3CBR%20%2F%3Emy%20interest%20is%20more%20towards%20understand%20the%20impact%20of%20Skype%20for%20business%20online%20related%20to%20secure%20score.%20%3CBR%20%2F%3Efor%20example%2C%20if%20we%20enable%20federation%20with%20another%20organization%20or%20if%20any%20parameters%20%2F%20policies%20such%20as%20allowing%20file%20share%20or%20allowing%20app%20share%20etc%20in%20skype%20%2C%20will%20it%20impact%20the%20overall%20secure%20score%3F%20%3CBR%20%2F%3Einterested%20in%20learning%20more%20architectural%20parameters%20related%20to%20secure%20score%2C%20which%20will%20help%20me%20with%20right%20conversations%20with%20customers%20and%20partners%20on%20this%20subject..%3CBR%20%2F%3E%3CBR%20%2F%3Ethanks%20for%20your%20help%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-58099%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-58099%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Anil%2C%3C%2FP%3E%0A%3CP%3EAre%20you%20setup%20as%20some%20kind%20of%20admin%20in%20the%20tenancy%20in%20question%3F%20You'll%20need%20to%20be%20an%20admin%20to%20get%20access.%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-58098%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-58098%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20the%20same%20problem%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E403%3C%2FP%3E%0A%3CP%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F227%22%20target%3D%22_blank%22%3E%40Chris%20Roberts%3C%2FA%3E%20wrote%3A%3CBR%20%2F%3EUnable%20to%20access%20this%2C%20I%20get%20the%20following%3A%3CBR%20%2F%3E%3CBR%20%2F%3E403%3CBR%20%2F%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3CBR%20%2F%3EYou%20don't%20have%20permission%20to%20open%20this%20page.%20If%20you're%20a%20new%20user%20or%20were%20recently%20assigned%20credentials%2C%20please%20wait%2015%20minutes%20and%20try%20again.Anyone%20else%20seeing%20this%3F%3CHR%20%2F%3E%3C%2FBLOCKQUOTE%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-50161%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-50161%22%20slang%3D%22en-US%22%3E%3CP%3EHey!%20Thanks%20for%20the%20follow-up.%20Service%20Admin%20role%20(and%20any%20other%20admin%20role)%20is%20sufficient%2C%20and%20it%20is%20available%20for%20all%20O365%20customers.%20Thanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49838%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49838%22%20slang%3D%22en-US%22%3E%3CP%3Egreats%20news%20!%3C%2FP%3E%3CP%3Eso%20service%20admin%20role%20would%20be%20sufficiant%20%3F%20is%20it%20available%20already%20on%20all%20tenants%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49619%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49619%22%20slang%3D%22en-US%22%3EThat's%20good%20news%20with%20Secure%20Score%20not%20requiring%20Globlal%20Admin%20anymore%20just%20one%20of%20the%20admin%20roles.%20Thanks%20for%20the%20update.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49587%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49587%22%20slang%3D%22en-US%22%3E%3CP%3EHey!%20Thanks%20for%20reaching%20out.%20There%20isn't%20a%20built%20in%20mailer%20feature%2C%20but%20the%20content%20on%20the%20Score%20Analyzer%20can%20be%20exported%20or%20screenshotted%20to%20stick%20into%20an%20email.%20Also%2C%20I'm%20pleased%20to%20report%20that%20we%20have%20made%20the%20Secure%20Score%20experience%20available%20to%20users%20that%20hold%20any%20administrative%20role%20(user%20admin%2C%20security%20admin%2C%20etc.).%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-49530%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-49530%22%20slang%3D%22en-US%22%3E%3CP%3Ehi%2C%20do%20have%20or%20plan%20the%20ability%20to%20generate%20the%26nbsp%3Breport%20and%20mail%20them%20to%20determined%20recipients%20%3F%20thanks%3C%2FP%3E%3CP%3E%2B1%20%3A%20also%20for%20the%20ability%20to%20give%20the%20role%20to%20specific%20account%20without%20global%20admin%20role%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-45271%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-45271%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Carol%2C%3C%2FP%3E%0A%3CP%3EThanks%20for%20reaching%20out.%20You%20will%20need%20to%20be%20some%20kind%20of%20administrator%20for%20the%20tenancy%20that%20you%20wish%20to%20see%20the%20secure%20score%20for.%20I%20would%20suggest%20creating%20a%20demo%20tenant%20and%20working%20from%20there.%3C%2FP%3E%0A%3CP%3EThanks!%3C%2FP%3E%0A%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-45267%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-45267%22%20slang%3D%22en-US%22%3E%3CP%3EMay%20I%20ask%20for%20access%20please%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-45266%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-45266%22%20slang%3D%22en-US%22%3E%3CP%3EMay%20I%20ask%20for%20access%20please%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-38571%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-38571%22%20slang%3D%22en-US%22%3EAwesome!%20Thanks%20for%20sharing%20and%20for%20the%20community%20support!%20Look%20for%20the%20GA%20announcement%20in%20the%20very%20near%20future%20(along%20with%20a%20couple%20of%20new%20features%2C%20like%20an%20API!).%20Thanks%2C%20Brandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-37446%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-37446%22%20slang%3D%22en-US%22%3E%3CP%3EJust%20a%20quick%20note%2C%20as%20well%20as%20writing%20about%20Office%20365%20Secure%20Score%20on%20my%20personal%20blog%2C%20which%20I%20have%20linked%20to%20previously%2C%20I%20have%20written%20a%20more%26nbsp%3Bcomprehensive%20article%20on%20the%20Technet%20Wiki%20-%20%3CA%20href%3D%22https%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2F36430.office-365-secure-score-find-and-fix-risks-in-office-365.aspx%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EOffice%20365%20Secure%20Score%20-%20Find%20and%20Fix%20Risks%20in%20Office%20365%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'll%20keep%20an%20eye%20on%20the%20content%20as%20things%20change%20but%20it's%20open%20for%20contributions%20in%20general%20from%20the%20community.%20%26nbsp%3BIt's%20my%20first%20Wiki%20article%2C%20so%20it%20been%20an%20interesting%20experience%2C%20it's%20harder%20than%20it%20looks.%20I'm%20looking%20forward%20to%20Secure%20Score%20reaching%20GA%20and%20more%20people%20benefiting%20from%20this%20service.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35906%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35906%22%20slang%3D%22en-US%22%3EHey%20Dean!%20I'll%20ask!%20Thanks%2C%20Brandon%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35905%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35905%22%20slang%3D%22en-US%22%3E%3CP%3EThat%20password%20recommendations%20document%20contains%20a%20lot%20of%20good%20info.%20Can%20you%20get%20it%20copied%20from%20the%20Research%20org%20over%20into%20some%20public%20places%2C%20such%20as%20docs.microsoft.com%20and%20support.office.com%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35850%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35850%22%20slang%3D%22en-US%22%3EHey%20Julian%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback.%20We%20100%25%20agree%2C%20and%20have%20been%20working%20on%20'flipping'%20this%20control%20to%20award%20points%20for%20%2Fnot%2F%20setting%20a%20password%20expiration%20policy.%20Microsoft%20and%20NIST%20both%20recently%20released%20research%20that%20supports%20this%20change%20on%20our%20policies.%20Thanks%20again%20for%20the%20feedback!%3CBR%20%2F%3EAs%20Per%20Microsoft's%20Recommendation%3A%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fresearch%2Fwp-content%2Fuploads%2F2016%2F06%2FMicrosoft_Password_Guidance-1.pdf%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fresearch%2Fwp-content%2Fuploads%2F2016%2F06%2FMicrosoft_Password_Guidance-1.pdf%3C%2FA%3E%3CBR%20%2F%3EAnd%20updated%20NIST%20standards%3A%20%3CA%20href%3D%22https%3A%2F%2Fpages.nist.gov%2F800-63-3%2Fsp800-63-3.html%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fpages.nist.gov%2F800-63-3%2Fsp800-63-3.html%3C%2FA%3E%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-35791%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-35791%22%20slang%3D%22en-US%22%3E%3CP%3EAnother%20issue%20with%20Secure%20Score.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22%3CSPAN%3EYou%20should%20require%20that%20all%20of%20your%20users%20reset%20their%20password%20at%20least%20every%2060%20days%3C%2FSPAN%3E%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20no%20longer%20current%20best%20practice%20where%20strong%20passphrases%20and%202FA%20are%20used%20since%20more%20rapid%20enforced%20change%20of%20passwords%20leads%20to%20the%20use%20of%20weaker%20ones.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-28680%22%20slang%3D%22en-US%22%3ERE%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-28680%22%20slang%3D%22en-US%22%3EHi%20Brandon%2FKarsten%2C%20I%20have%20the%20same%20issue%2C%20but%20it%20seemed%20to%20work%20fine%20yesterday%20(9th)%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-27512%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-27512%22%20slang%3D%22en-US%22%3EThank%20you%20for%20your%20feedback%20Dean.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-27511%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-27511%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20really%20appreciate%20your%20feedback%20and%20information%20you%20share.%3C%2FP%3E%3CP%3EFollowing%20your%20answer%2C%20i%20discuss%20with%20my%20customer%20ans%20i%20am%20waiting%20information%20from%20him%20about%20role%20he%20would%20like%20to%20Add%20to%20grant%20access%20for%20Secure%20Score%20experience.%3C%2FP%3E%3CP%3EAs%20soon%20as%20i%20receive%20information%2C%20i%20share.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20very%20much%20for%20your%20feedback.%3C%2FP%3E%3CP%3Ebest%20Regards.%3C%2FP%3E%3CP%3EVincent%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-25606%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-25606%22%20slang%3D%22en-US%22%3EHey%20Vincent%2C%3CBR%20%2F%3EThanks%20for%20reaching%20out.%20Dean%20has%20it%20just%20right%20below%3A%20The%20Secure%20Score%20is%20currently%20only%20available%20to%20Global%20Administrators%20because%20the%20breadth%20of%20%2Factions%2F%20that%20the%20Score%20enables%20requires%20that%20level%20of%20access.%20We've%20gotten%20feedback%20that%20some%20customers%20would%20really%20like%20to%20expose%20the%20experience%20to%20non-Admins%20(although%20not%20to%20everyone%20in%20their%20tenancy)%20to%20drive%20more%20awareness.%20Is%20there%20an%20in-built%20role%20in%20the%20service%20that%20you%20think%20you%20would%20want%20to%20use%20to%20grant%20access%20to%20your%20Secure%20Score%20experience%3F%20Security%20Administrators%3F%20Exchange%20and%2For%20SharePoint%20admins%3F%3CBR%20%2F%3EThanks!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-25442%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-25442%22%20slang%3D%22en-US%22%3E%3CP%3ECurrently%2C%20it%20is%20Global%20Admins%20only.%26nbsp%3B%20I%20attended%20an%20O365%20Deep%20Dive%20%26nbsp%3Bwebinar%20a%20few%20days%20ago%20and%20we%20were%20told%20that%20more%20roles%20are%20planned.%20They%20are%20currently%20gathering%20feedback%20so%20that%20they%20can%20determine%20what%20those%20roles%20should%20be.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F2898%22%20target%3D%22_blank%22%3E%40Brandon%20Koeller%3C%2FA%3E%26nbsp%3Bwas%20the%20presenter%20and%20he%20should%20be%20able%20to%20provide%20more%20details%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-25434%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-25434%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWhat%20are%20the%20roles%20other%20than%20the%20admin%20of%20Tenant%20who%20can%20access%20the%20Secure%20O365%20Score%20function%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThank%20you%20very%20much%20for%20your%20help%20and%20feedback.%3C%2FP%3E%0A%3CP%3EVincent%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-24642%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-24642%22%20slang%3D%22en-US%22%3E%3CP%3EOh%2C%20and%20it%20takes%20around%2010%20hours%20to%20run!!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-24641%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-24641%22%20slang%3D%22en-US%22%3E%3CP%3EIt%20turns%20out%20that%20the%20actual%20script%20needed%20to%20validate%20unused%20logins%20is%20significantly%20more%20complex%20than%20the%20example.%20Even%20reworking%20the%20example%20to%20deliver%20the%20maximum%2050k%20entries%20is%20nowhere%20near%20enough%20to%20cope%20with%20the%20logins%20from%20an%20active%208k%20seat%20tenancy%20for%2090d.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20I%20had%20to%20turn%20the%20script%20around%20so%20that%20the%20combined%20audit%20log%20is%20queried%20by%20user.%20Even%20then%20a%20few%20users%20exceeded%205k%20logins%20in%2090d%2C%20one%20admin%20user%20had%20nearly%2020k%20logins%20in%20that%20period.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20new%20example%20script%20is%20on%20GitHub%20here%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FTotallyInformation%2FPowerShell%2Fblob%2Fmaster%2FGet-O365UserLoginStats.ps1%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FTotallyInformation%2FPowerShell%2Fblob%2Fmaster%2FGet-O365UserLoginStats.ps1%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23737%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23737%22%20slang%3D%22en-US%22%3E%3CP%3EI've%20raised%20a%20couple%20of%20issues%20in%20the%20github%20log.%20I%20think%20the%20reason%20it%20thought%20my%20colleague%20hadn't%20logged%20in%20is%20that%20it%20only%20returns%205k%20records.%20That's%20nowhere%20near%20enough%20for%20a%2090d%20review%20of%20logins%20for%208k%20users.%20I'll%20update%20the%20issue%20with%20a%20new%20script%20when%20I've%20finished%20it%20or%20I%20can%20do%20a%20pull%20if%20you%20prefer%2C%20let%20me%20know%20in%20the%20issue%20(I%20am%20TotallyInformation%20on%20GitHub).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23685%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23685%22%20slang%3D%22en-US%22%3E%3CP%3EGreat%20service%20and%20it's%20really%20helped%20secure%20and%20understand%20Office%20365!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOne%20of%20the%20items%20counts%20the%20number%20of%20Exchange%20mailboxes%20with%20auditing%20enabled%20and%20the%20action%20is%20to%20enable%20auditing.%20The%20mailbox%20count%20and%20number%20of%20mailboxes%20with%20auditing%20enabled%20varies%20has%20not%20matched%20my%20mailbox%20count%20and%20their%20audit%20status.%20We're%20new%20to%20Office%20365%20so%20we%20may%20be%20overlooking%20a%20system%20database%20or%20some%20other%20setting.%20We're%20simply%20using%20get-mailbox%20and%20also%20with%20the%20-SoftDeletedMailbox%20and%20-Migration%20switches%20and%20check%20the%20AuditEnabled%20status.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23610%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23610%22%20slang%3D%22en-US%22%3E%3CP%3EAlso%2C%20thanks%20for%20the%20pointer%20to%20the%20Investigation%20Tooling%20Github.%20I've%20run%20the%20script%20to%20check%20for%20users%20not%20logged%20in%20in%20the%20last%2090d%20but%20the%20first%20entry%20that%20it%20reports%20is%20one%20that%20I%20know%20is%20used%20daily%20because%20the%20person%20sits%20behind%20me%20in%20the%20office!%20They%20are%20a%20very%20heavy%20Office%20365%20user%20as%20they%20helped%20my%20set%20up%20our%20tenant.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23606%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23606%22%20slang%3D%22en-US%22%3E%3CP%3ENo%20problem%20Dean.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20don't%20believe%20that%20it%20is%20isolated%20for%20us.%20It's%20just%20that%20this%20is%20the%20first%20time%20I've%20actually%20been%20able%20to%20prove%20it%20happening.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23604%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23604%22%20slang%3D%22en-US%22%3EThanks%20for%20sharing%20this.%20I%20hope%20that%20this%20is%20an%20isolated%20event%2C%20but%20I'll%20do%20some%20research%20on%20my%20clients%20tenant%20to%20see%20if%20the%20same%20problem%20exists%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23599%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23599%22%20slang%3D%22en-US%22%3E%3CP%3EMany%20thanks%20Brandon.%20I've%20been%20tracking%20these%20issues%20for%20some%20while%20but%20I've%20struggled%20to%20pin%20down%20actual%20evidence.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHaving%20just%20revisited%20the%20issues%20that%20I'm%20having.%20I%20now%20have%20hard%20evidence%20from%20the%26nbsp%3Bget-msoluser%20and%20the%20combined%20audit%20log%20that%20something%20is%20very%20badly%20wrong.%20At%20least%20with%20our%20tenancy%20if%20not%20something%20wider.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETwo%20definitive%20issues%3A%20One%20is%20that%20get-msoluser%20consistently%20reports%20some%20users%20with%26nbsp%3BPasswordNeverExpires%20set%20to%20TRUE%20which%20should%20never%20happen.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20second%20is%20even%20more%20serious.%26nbsp%3B%3CSPAN%3EI%20have%20found%20a%20user%20who%20is%20currently%20logged%20into%20the%20system%20but%20according%20to%20the%20Get-MsoUser%20data%20hasn't%20changed%20her%20password%20for%20181%20days%20(our%20tenant%20is%20set%20to%20require%20password%20change%20after%2090d).%20Here%20is%20some%20relevant%20information%3A%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3EBlockCredential%20%3A%20False%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EIsLicensed%20%3A%20True%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3ELastPasswordChangeTimestamp%20%3A%202016-04-22%2011%3A27%3A22%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3ELicenseReconciliationNeeded%20%3A%20False%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EOverallProvisioningStatus%20%3A%20Success%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EPasswordNeverExpires%20%3A%20False%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EStrongPasswordRequired%20%3A%20True%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EStsRefreshTokensValidFrom%20%3A%202016-04-22%2011%3A27%3A22%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EValidationStatus%20%3A%20Healthy%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3EWhenCreated%20%3A%202013-05-07%2010%3A11%3A03%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%3EChecking%20the%20combined%20audit%20log%20I%20can%20see%20that%20it%20agrees%20that%20the%20user%20last%20changed%20their%20password%20on%20the%2022nd%20April%20but%20they%20are%20still%20logging%20in.%20They%20should%20not%20have%20been%20able%20to%20log%20in%20after%20July%2021st.%20However%2C%20the%20audit%20log%20has%20recorded%2023%20logins%20since%20then.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EPreviously%2C%20I'd%20been%20assuming%20that%20some%20data%20was%20missing%20from%20the%20audit%20logs%20but%20it%20appears%20that%20there%20may%20be%20a%20more%20serious%20issue.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23328%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23328%22%20slang%3D%22en-US%22%3E%3CP%3EIt%20is%20nice%20tool%20and%20this%20is%20what%20we%20really%20need%2C%20we%20couldn't%20expect%20to%20teach%20everyone%20about%20security%20issue%20and%20threats%20and%20they%20just%20want%20to%20press%20one%20key%20to%20see%20what%20is%20going%20on%20and%20we%20are%20the%20one%20in%20background%20working%20to%20make%20sure%20that%20key%20is%20working%20fine.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-23123%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-23123%22%20slang%3D%22en-US%22%3EHey%20Julian%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback.%20My%20comment%20about%20the%20difficulty%20of%20finding%20source%20data%20in%20the%20system%20is%20related%20to%20the%20complexity%20of%20the%20back%20end%20ecosystem%2C%20not%20the%20availability%20and%20accessibility%20of%20relevant%20data%20for%20customers.%20In%20general%2C%20customer-facing%20data%20stores%20are%20meant%20to%20be%20straightforward%2C%20at%20least%20through%20the%20supported%20interfaces%20(usually%20web%2C%20api%2C%20and%20powershell).%20To%20your%20point%2C%20however%2C%20there%20are%20some%20resources%20that%20you%20can%20use%20to%20get%20your%20answers%3A%3CBR%20%2F%3E-The%20Admin%20Center%20Usage%20Reports%20page%20should%20allow%20you%20to%20discover%20which%20users%20are%20using%20which%20services%20for%20any%20given%20period%20of%20time%3A%20%3CA%20href%3D%22https%3A%2F%2Fportal.office.com%2Fadminportal%2Fhome%23%2FreportsUsage%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fportal.office.com%2Fadminportal%2Fhome%23%2FreportsUsage%3C%2FA%3E%3CBR%20%2F%3E-You%20can%20also%20focus%20just%20on%20logons%20by%20looking%20at%20the%20list%20of%20users%20and%20comparing%20it%20to%20the%20logon%20activity%20logs%20in%20the%20service.%20I've%20taken%20the%20liberty%20of%20whipping%20up%20a%20quick%20powershell%20script%20which%20dumps%20the%20UPNs%20of%20users%20who%20have%20not%20logged%20in%20for%20the%20last%2090%20days%3A%20%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FOfficeDev%2FO365-InvestigationTooling%2Fblob%2Fmaster%2FInactiveUsersLast90Days.ps1%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FOfficeDev%2FO365-InvestigationTooling%2Fblob%2Fmaster%2FInactiveUsersLast90Days.ps1%3C%2FA%3E%3CBR%20%2F%3E-The%20Search-UnifiedAuditLog%20cmdlet%2C%20and%20its%20web%20interface%20(%3CA%20href%3D%22https%3A%2F%2Fprotection.office.com%2F%23%2Funifiedauditlog%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fprotection.office.com%2F%23%2Funifiedauditlog%3C%2FA%3E)%20is%20a%20great%20resource%20to%20tracking%20any%20kind%20of%20activity%20in%20the%20service.%20%3CBR%20%2F%3E-If%20you%20are%20targeting%20illicit%20activity%20detection%20along%20discrete%20threat%20vectors%2C%20you%20can%20also%20use%20our%20'Finding%20Illicit%20Activity%20The%20Old%20Fashioned%20Way'%20article%3A%20%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Ffinding-illicit-activity-the-old-fashioned-way%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.technet.microsoft.com%2Foffice365security%2Ffinding-illicit-activity-the-old-fashioned-way%2F%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThanks!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22919%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22919%22%20slang%3D%22en-US%22%3E%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F2898%22%20target%3D%22_blank%22%3E%40Brandon%20Koeller%3C%2FA%3E%20wrote%3A%3CBR%20%2F%3EHey%20Paul%2C%3CBR%20%2F%3E...%26nbsp%3BIt%20is%20surprisingly%20hard%20to%20find%20the%20source%20data%20in%20the%20ecosystem%2C%26nbsp%3B...%3CHR%20%2F%3E%3C%2FBLOCKQUOTE%3E%3CP%3EWell%2C%20at%20last!%20Someone%20from%20Microsoft%20acknowledging%20this.%20Perhaps%20you%20could%20also%20raise%20the%20visibility%20of%20some%20of%20the%20audit%20issues%20-%20like%20%3CSTRONG%3Emissing%20data%20from%20the%20audit%20reports%3C%2FSTRONG%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAlso%20perhaps%20you%20could%20get%20someone%20to%20finally%20deal%20with%20the%20issue%20of%20trying%20to%20identify%20which%20users%20have%20%3CEM%3E%3CSTRONG%3Enot%3C%2FSTRONG%3E%20%3C%2FEM%3Eused%20the%20system%20recently%20(e.g.%20have%20not%20logged%20in%20in%20the%20last%2090d).%20This%20appears%20to%20still%20be%20virtually%20impossible%2C%20especially%20when%20users%20are%20not%20using%20Exchange%20Online.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThese%20issues%20are%20causing%20no%20end%20of%20problems.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20recently%20tried%20to%20identify%20people%20not%20using%20the%20system%20in%20order%20to%20recover%20licenses.%20I%20used%20the%20audit%20reports%20for%20the%20last%20180d%20thinking%20that%20at%20the%20very%20least%20all%20active%20users%20must%20have%20changed%20their%20password%20in%20that%20time%20and%20that%20should%20have%20been%20audited.%20Needless%20to%20say%20that%20resulted%20in%20nearly%2010%25%20of%20identified%20users%20that%20were%20actively%20using%20the%20system.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22386%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22386%22%20slang%3D%22en-US%22%3EHi%20Dean%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback.%20Long%20term%2C%20we%20will%20definitely%20exclude%20controls%20for%20services%20that%20you%20don't%20have.%20For%20now%2C%20we've%20opted%20to%20include%20all%20of%20the%20controls%20since%20several%20are%20not%20scored%20to%20help%20users%20understand%20the%20full%20range%20of%20options.%20We%20also%20plan%20to%20give%20you%20the%20ability%20to%20exclude%20specific%20controls%20that%20you%20know%20you%20will%20never%20be%20able%20to%20enact%2C%20even%20if%20they%20pertain%20to%20services%20you%20own.%3CBR%20%2F%3EThanks!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22385%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22385%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Mark%2C%3C%2FP%3E%3CP%3EThanks%20for%20reaching%20out.%20The%20Secure%20Score%20is%20calculated%20once%20per%20day%20(at%201am%20PST).%20Please%20note%20that%20not%20all%20of%20the%20controls%20are%20instrumented%2C%20so%20some%20actions%20might%20not%20reflect%20an%20improvement%20in%20your%20score%20yet%20(those%20controls%20are%20labeled%20%5BNot%20Scored%5D).%20Otherwise%2C%20you%20should%20see%20your%20score%20reflect%20your%20actions%20within%20a%20maximum%20of%2024%20hours!%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-22357%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-22357%22%20slang%3D%22en-US%22%3E%3CP%3EMy%20client%20is%20not%20using%20Exchange%20Online.%20It%20would%20be%20helpful%20if%20there%20was%26nbsp%3Bsome%20way%20to%20exclude%20the%20actions%20related%20to%20exchange%20from%20the%20%26nbsp%3BSecure%20Score%20recommendations%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-21884%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-21884%22%20slang%3D%22en-US%22%3E%3CP%3EGreat%20tool.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20made%20some%20updates%20to%20improve%20my%20score.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20will%20I%20see%20my%20score%20updated%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-21512%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-21512%22%20slang%3D%22en-US%22%3E%3CP%3EInterested%20to%20see%26nbsp%3BSecure%20Score%20has%20been%20promoted%20this%20week%20via%20the%20Message%20center%2C%26nbsp%3Balso%20there%20have%20been%20further%20advancements%20-%20%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22We%20have%20introduced%20the%20first%20fully%20remediated%20workflow%20under%20the%20control%20%22Designate%20less%20than%205%20tenant%20admins%22.%20Click%20%22Learn%20more%22%20after%20expanding%20the%20widget%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20Get%20Advice%20section%20that%20points%20to%20this%20community%20is%20going%20to%20the%20old%20address%20(%3CA%20href%3D%22https%3A%2F%2Fnetwork.office.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fnetwork.office.com%2Ft5%2FSecurity-Privacy-Compliance%2Fbd-p%2Fsecurity_privacy%3C%2FA%3E)%2C%20by%20the%20way%2C%20which%20generates%20a%20certificate%20mismatch.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-16927%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-16927%22%20slang%3D%22en-US%22%3E%3CP%3EHere's%20Brandon's%20session%20from%20Ignite%20on%20Secure%20score%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3C%2FP%3E%3CDIV%20class%3D%22video-embed-center%20video-embed%22%3E%3CIFRAME%20class%3D%22embedly-embed%22%20src%3D%22https%3A%2F%2Fcdn.embedly.com%2Fwidgets%2Fmedia.html%3Fsrc%3Dhttps%253A%252F%252Fwww.youtube.com%252Fembed%252FDS5etmulC4s%253Ffeature%253Doembed%26amp%3Burl%3Dhttp%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DDS5etmulC4s%26amp%3Bimage%3Dhttps%253A%252F%252Fi.ytimg.com%252Fvi%252FDS5etmulC4s%252Fhqdefault.jpg%26amp%3Bkey%3Dfad07bfa4bd747d3bdea27e17b533c0e%26amp%3Btype%3Dtext%252Fhtml%26amp%3Bschema%3Dyoutube%22%20width%3D%22600%22%20height%3D%22337%22%20scrolling%3D%22no%22%20frameborder%3D%220%22%20allow%3D%22autoplay%3B%20fullscreen%22%20allowfullscreen%3D%22true%22%20title%3D%22Video%22%3E%3C%2FIFRAME%3E%3C%2FDIV%3E%3CP%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-14884%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-14884%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Karsten%2C%3C%2FP%3E%3CP%3EThanks%20for%20reaching%20out.%20I%20am%20able%20to%20confirm%20that%20your%20company%20does%20have%20results%20in%20the%20Secure%20Score%20database.%20Can%20you%20email%20securescore%40microsoft.com%20so%20we%20can%20connect%20offline%20and%20troubleshoot%3F%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-14610%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-14610%22%20slang%3D%22en-US%22%3E%3CP%3EHI%20Brandon%2C%3C%2FP%3E%3CP%3Ewhen%20I%20try%20to%20access%20my%20demo%20tenant%2C%20I%20do%20not%20get%20any%20current%20scoring.%3C%2FP%3E%3CP%3EThe%20box%26nbsp%3B%20%22Your%20Secure%20Score%20is%3A%22%20is%20missing.%26nbsp%3B%20Instead%20I%20see%20only%20a%20target%20score.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20I%20need%20a%20valid%20subscription%20in%20Azure%20first%20to%20setup%20Scure%20Score%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-left%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F4507i0CB38DA15890E429%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22Untitled.png%22%20title%3D%22Untitled.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13732%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13732%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Ole%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20feedback!%20You%20are%20reading%20our%20minds.%20We%20are%20working%20on%20publishing%20the%20secure%20score%20data%20through%20API%20end%20points%20that%20will%20live%20in%20the%20same%20place%20as%20the%20Management%20Activity%20API%20endpoints%20(which%20provide%20activity%20and%20audit%20data)%2C%20so%20that%20our%20third%20party%20ISV%20partners%20can%20%2Fsuper%2F%20easily%20include%20this%20data%20in%20their%20stores.%20OMS%20is%20one%20of%20those%20key%20partners.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13544%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13544%22%20slang%3D%22en-US%22%3E%3CP%3ECould%20I%20suggest%20integration%20with%20OMS%2C%20Security%20and%20Audit.%20Maybe%20also%20for%20alerting%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13289%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13289%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Julian%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20feedback.%20It%20is%20our%20intention%20to%20integrate%20the%20experience%20into%20the%20Security%20and%20Compliance%20Center%20once%20we%20can%26nbsp%3Bprove%20that%20the%20concept%20is%20an%20effective%20way%20to%20drive%26nbsp%3Bimprovements%20to%20customer%20risk%20postures.%26nbsp%3BPlease%20let%26nbsp%3Byour%20peers%20know%20about%20the%20Score%2C%20and%20let%20us%20know%20if%20you%20have%20any%20feedback%20about%20the%20experience.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-13039%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-13039%22%20slang%3D%22en-US%22%3E%3CP%3EI%20assume%20that%20this%20will%20also%20eventually%20be%20at%20least%20linked%20from%20the%20Security%20%26amp%3B%20Compliance%20portal%20so%20everything%20is%20in%20one%20place%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-8843%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-8843%22%20slang%3D%22en-US%22%3E%3CP%3EHey!%3C%2FP%3E%3CP%3EVasil's%20got%20it%20right.%20I%20should%20also%20note%20that%20the%20Secure%20Score%20gives%20MFA%20credit%20to%20organizations%20that%20have%20MFA%20enabled%20in%20dirsync'ed%20on-prem%20directories%2C%20so%20long%20as%20the%20federated%20directory%20configuration%20includes%20the%20'SupportsMFA'%20flag%20in%20AAD.%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-8574%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-8574%22%20slang%3D%22en-US%22%3E%3CP%3ENewer%20versions%20of%20AADConnect%20support%20MFA%2C%20using%20a%20GA%20account%20with%20MFA%20enabled%20should%20not%20be%20a%20problem.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-8548%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-8548%22%20slang%3D%22en-US%22%3E%3CP%3EWas%20looking%20at%20my%20admins%2C%20and%20notice%20I%20have%20a%20Dirsync%20Admin%2C%20how%20do%20I%20setup%20the%20Dirysync%20admin%20with%20MFA%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20also%20have%20an%20admin%20my%20vendor%20setup%20as%20the%20initial%20admin%2C%20and%20said%20we%20did%20not%20need%20to%20use%20this%20but%20it%20had%20to%20be%20there%20MFA%2C%20is%20this%20true%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-7463%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-7463%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20the%20reply%2C%20however%20I'm%20using%20my%20account%20and%20I%20am%20a%20global%20administrator.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-7461%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-7461%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Chris%2C%3C%2FP%3E%3CP%3ESorry%20for%20the%20trouble.%20The%20most%20likely%20cause%20is%20that%20the%20acocunt%20you%20are%20using%20has%20not%20been%20assigned%20the%20global%20administrator%20role.%20The%20Secure%20Score%20requires%20that%20privilege%20level%20at%20the%20moment.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-7363%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-7363%22%20slang%3D%22en-US%22%3EUnable%20to%20access%20this%2C%20I%20get%20the%20following%3A%3CBR%20%2F%3E%3CBR%20%2F%3E403%3CBR%20%2F%3ESorry!%20Access%20denied%20%3A(%3C%2Fimg%3E%3CBR%20%2F%3EYou%20don't%20have%20permission%20to%20open%20this%20page.%20If%20you're%20a%20new%20user%20or%20were%20recently%20assigned%20credentials%2C%20please%20wait%2015%20minutes%20and%20try%20again.Anyone%20else%20seeing%20this%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-6960%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-6960%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Brandon%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20been%20impressed%20with%20Secure%20Score%2C%20I%20think%20it%20has%20a%20lot%20of%20potential%2C%20already%20it%20seems%20very%20useful.%20%26nbsp%3BIncidentally%2C%20I%20have%20put%20some%20feedback%20in%20a%20post%20on%20my%20blog%20-%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fcianallner.com%2Ffind-office-365-secure-score-is-tenant-secure%2F%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcianallner.com%2Ffind-office-365-secure-score-is-tenant-secure%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-6877%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-6877%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Jason%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20feedback.%20That%20is%20definitely%20our%20intention.%20API%20access%20is%20on%20the%20docket%20for%20the%20near%20future.%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5906%22%20slang%3D%22en-US%22%3ERE%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5906%22%20slang%3D%22en-US%22%3EWill%20the%20service%20be%20accessible%20through%20API%3F%20We%20would%20like%20to%20provide%20that%20score%20to%20our%20CSP%20clients.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5788%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5788%22%20slang%3D%22en-US%22%3EHey%20Paul%2C%3CBR%20%2F%3EThanks%20for%20the%20feedback!%20I'm%20adding%20the%20notification%20feature%20to%20the%20backlog.%20We%20intend%20to%20provide%20an%20easy%20way%20to%20'undo'%20any%20given%20action%2C%20but%20I%20agree%20that%20a%20notification%20is%20a%20good%20extension%20of%20the%20control%20framework.%3CBR%20%2F%3EFor%20your%20second%20question%2C%20the%20%5BNot%20Scored%5D%20items%20are%20definitely%20intended%20to%20be%20scored%20eventually.%20It%20is%20surprisingly%20hard%20to%20find%20the%20source%20data%20in%20the%20ecosystem%2C%20and%20we%20wanted%20to%20get%20the%20experience%20in%20the%20hands%20of%20real%20users%20sooner%20rather%20than%20later.%20We%20exposed%20the%20full%20list%20of%20controls%20because%20we'd%20love%20to%20hear%20if%20you%20think%20we've%20missed%20anything%2C%20or%20that%20the%20identified%20control%20is%20off%20target.%3CBR%20%2F%3ELastly%2C%20I%20think%20facilitating%20a%20regular%20review%20cadence%20is%20a%20good%20suggestion.%20Several%20of%20the%20controls%20are%20for%20report%20reviews%2C%20which%20happen%20weekly%20or%20monthly.%20We%20explicitly%20wanted%20to%20avoid%20an%20'alerting'%20framework%2C%20but%20finding%20ways%20to%20poke%20you%20to%20come%20back%20is%20a%20good%20suggestion.%20Possibly%20might%20use%20the%20Security%20and%20Compliance%20Center%20'Action%20Center'%20functionality%20for%20that.%20For%20now%2C%20you'll%20have%20to%20manage%20manually.%3CBR%20%2F%3EThanks%20again%20for%20the%20feedback!%3CBR%20%2F%3EBrandon%20Koeller%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5787%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5787%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Dennis%2C%3C%2FP%3E%3CP%3EThanks%20for%20the%20suggestion!%20Adding%20it%20to%20the%20list.%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5692%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5692%22%20slang%3D%22en-US%22%3E%3CP%3EI'd%20like%20to%20see%20alerting%20for%20score%20changes.%20If%20I%20do%20the%20work%20to%20improve%20security%2C%20and%20then%20another%20global%20admin%20undoes%20some%20of%20that%20work%20maliciously%20or%20through%20error%2C%20being%20notified%20of%20a%20score%20change%20would%20be%20useful.%20It%20would%20also%20be%20helpful%20to%20be%20notified%20of%20new%20items%20when%20they%20are%20added%20to%20the%20tool.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJust%20to%20clarify%2C%20the%20%5BNot%20Scored%5D%20items%20such%20as%20reviewing%20reports%2C%20is%20the%20intention%20to%20score%20them%20eventually%3F%20E.g.%20if%20I%20click%20through%20that%20item%20and%20review%20the%20report%2C%20does%20Secure%20Score%20see%20that%20and%20add%20points%20to%20the%20score%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAlso%20will%20Secure%20Score%20facilitate%20the%20regular%20reviews%3F%20E.g.%20by%20emailing%2Fnotifying%20me%20when%20a%20review%20item%20is%20due%20for%20another%20review%3F%20Or%20will%20I%20need%20to%20self-maintain%20that%20via%20a%20calendar%20item%20or%20similar%20mechanism%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5534%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5534%22%20slang%3D%22en-US%22%3E%3CP%3EWell%2C%20I%20do%20miss%20the%20PowerShell%20bit%20-%20always%20good%20to%20know%20what%20exactly%20a%20tool%20is%20doing.%20In%20this%20regard%20I%20do%20think%20you%20should%20update%20the%20consent%20part%2C%20for%20example%20make%20sure%20that%20the%20publisher%20is%20listed%20as%20Microsoft%2C%20and%20provide%20a%20clear%20explanation%20why%20you%20need%20the%20type%20of%20permissions%20(%22write%20directory%20data%22%20can%20be%20a%20hard%20sell%20to%20some%20organizations%20as%20it%20can%20easily%20be%20taken%20out%20of%20context).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOther%20that%20that%20-%20it's%20cool.%20Obviously%20needs%20some%20more%20work%2C%20lots%20of%20UI%20glitches%2C%20lots%20of%20missing%2Finactive%20controls%2C%20but%20overall%20I%20like%20it.%20A%20%22rescan%22%20button%20might%20be%20handy%3F%20Also%20some%20sort%20of%20filter%2Ftemplate%20per%20industry%20or%20per%20security%20standard%2C%20so%20that%20people%20can%20easily%20check%20where%20they%20stand%20in%20terms%20of%20meeting%20compliance%20for%20their%20particular%20needs.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWill%20do%20a%20more%20detailed%20review%2Fblog%20post%20in%20the%20next%20days%20and%20send%20some%20additional%20feedback%20your%20way.%20Lots%20has%20changed%20in%20the%20service%20since%20the%20last%20time%20I%20spammed%20o365securescore%40microsoft.com%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5530%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5530%22%20slang%3D%22en-US%22%3E%3CP%3EWould%20be%20great%20if%20this%20tool%20was%20integrated%20in%20the%20Office%20365%20partner-site%2C%20so%20we%20can%20check%20the%20health%20of%20all%20our%20Office%20365%20customers%20in%20a%20single%20overview!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5451%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5451%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Vasil!%3C%2FP%3E%3CP%3EYep%2C%20it%20was%20in%20an%20alpha%20preview%20and%20was%20based%20on%20a%20manual%20collection%20of%20data%20via%20powershell.%20The%20new%20site%20is%20a%20non-alpha%20preview%2C%20and%20the%20collection%20is%20all%20automated.%20We've%20done%20a%20lot%20of%20work%20to%20refine%20the%20consumption%20experience%2C%20and%20have%20around%2030%20controls'%20worth%20of%20data%20collection%20automated.%20Goal%20is%20to%20have%20all%2077%20controls%20automatically%20collected%2C%20and%20to%20have%20all%20controls%20with%20a%20two-click%20remediation.%20Feedback%20is%20greatly%20appreciated!%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EBrandon%20Koeller%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-5433%22%20slang%3D%22en-US%22%3ERe%3A%20Announcement%3A%20Office%20365%20Secure%20Score%20Released%20to%20Public%20Preview%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-5433%22%20slang%3D%22en-US%22%3E%3CP%3EWasn't%20it%20in%20Preview%20already%3F%20Or%20was%20that%20Private%3F%26nbsp%3BCause%20the%20links%20were%20publicly%20accessible%20and%20I've%20even%20showcased%20it%20on%26nbsp%3Ba%20local%20user%20group%20session...%20whoops%3F%26nbsp%3B%3A)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyway%2C%20the%20idea%20is%20awesome%2C%20the%20tool%20was%20lacking%20some%20stuff%20last%20time%20I%20tried%20it%20though.%20Will%20give%20it%20a%20spin%20over%20the%20weekend%20and%20report%20back%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Brandon Koeller
Microsoft

Microsoft is pleased to announce the preview availability of a new security analytics service called the Office 365 Secure Score. The Secure Score is a security analytics tool that will help you understand what you have done to reduce the risk to your data in Office 365, and show you what you can do to further reduce that risk. We think of it as a credit score for security. Our approach to this experience was very simple. First, we created a full inventory of all the security configurations and behaviors that our customers can do to mitigate risks to their data in Office 365 (there are about 77 total things that we identified). Then, we evaluated the extent to which each of those controls mitigated a specific set of risks and awarded the control some points. More points means a more effective control for that risk. Lastly, we measure the extent to which your service has adopted the recommended controls, add up your points, and present it as a single score.

 

The core idea is that it is useful to rationalize and contextualize all of your cloud security configuration and behavioral options into one simple, analytical framework, and to make it very easy for you to take incremental action to improve your score over time. Rather than constructing a model with findings slotted into critical, moderate, or low severity, we wanted to give you a non-reactive way to evaluate your risk and make incremental changes over time that add up to a very effective risk mitigation plan.

 

The Office 365 Secure Score is a preview experience, so you may find issues, and you will note that not all of the controls  are being measured. Please share any issues on the Office Network Group for Security. You can access the Secure Score at https://securescore.office.com.

 

The Secure Score does not express an absolute measure of how likely you are to get breached. It expresses the extent to which you have adopted controls which can offset the risk of being breached. No service can guarantee that you will not be breached, and the Secure Score should not be interpreted as a guarantee in any way.

 

Your Secure Score Summary

The first, most important piece of the Secure Score experience is the Score Summary. This panel gives you your current Secure Score, and the total number of points that are available to you, given your subscription level, the date that your score was measured, as well as a simple pie chart of your score. The denominator of your score is not intended to be a goal number to achieve. The full set of controls includes several that are very aggressive and will potentially have an adverse impact on your users’ productivity. Your goal should be to optimize your action to take every possible risk mitigating action while preserving your users’ productivity.

 

As mentioned, the Office 365 Secure Score is in a preview release. Over the coming months you will see us continue to add new controls, new measurements, and improvements to the remediation experiences. If you like what you see, please share with your network. If you see something we can improve, please share it with us on the Office Network Group for Security. We’re looking forward to seeing your scores go up, and making the Secure Score experience as useful, simple, and easy as it can be.

 

Read More Here: https://blogs.technet.microsoft.com/office365security/new-security-analytics-service-finding-and-fix...

72 Replies

Wasn't it in Preview already? Or was that Private? Cause the links were publicly accessible and I've even showcased it on a local user group session... whoops? :)

 

Anyway, the idea is awesome, the tool was lacking some stuff last time I tried it though. Will give it a spin over the weekend and report back :)

 

Hey Vasil!

Yep, it was in an alpha preview and was based on a manual collection of data via powershell. The new site is a non-alpha preview, and the collection is all automated. We've done a lot of work to refine the consumption experience, and have around 30 controls' worth of data collection automated. Goal is to have all 77 controls automatically collected, and to have all controls with a two-click remediation. Feedback is greatly appreciated!

Thanks,

Brandon Koeller

Highlighted

Would be great if this tool was integrated in the Office 365 partner-site, so we can check the health of all our Office 365 customers in a single overview!

Well, I do miss the PowerShell bit - always good to know what exactly a tool is doing. In this regard I do think you should update the consent part, for example make sure that the publisher is listed as Microsoft, and provide a clear explanation why you need the type of permissions ("write directory data" can be a hard sell to some organizations as it can easily be taken out of context).

 

Other that that - it's cool. Obviously needs some more work, lots of UI glitches, lots of missing/inactive controls, but overall I like it. A "rescan" button might be handy? Also some sort of filter/template per industry or per security standard, so that people can easily check where they stand in terms of meeting compliance for their particular needs.

 

Will do a more detailed review/blog post in the next days and send some additional feedback your way. Lots has changed in the service since the last time I spammed o365securescore@microsoft.com :)

I'd like to see alerting for score changes. If I do the work to improve security, and then another global admin undoes some of that work maliciously or through error, being notified of a score change would be useful. It would also be helpful to be notified of new items when they are added to the tool.

 

Just to clarify, the [Not Scored] items such as reviewing reports, is the intention to score them eventually? E.g. if I click through that item and review the report, does Secure Score see that and add points to the score?

 

Also will Secure Score facilitate the regular reviews? E.g. by emailing/notifying me when a review item is due for another review? Or will I need to self-maintain that via a calendar item or similar mechanism?

Hey Dennis,

Thanks for the suggestion! Adding it to the list.

Thanks,

Brandon Koeller

Hey Paul,
Thanks for the feedback! I'm adding the notification feature to the backlog. We intend to provide an easy way to 'undo' any given action, but I agree that a notification is a good extension of the control framework.
For your second question, the [Not Scored] items are definitely intended to be scored eventually. It is surprisingly hard to find the source data in the ecosystem, and we wanted to get the experience in the hands of real users sooner rather than later. We exposed the full list of controls because we'd love to hear if you think we've missed anything, or that the identified control is off target.
Lastly, I think facilitating a regular review cadence is a good suggestion. Several of the controls are for report reviews, which happen weekly or monthly. We explicitly wanted to avoid an 'alerting' framework, but finding ways to poke you to come back is a good suggestion. Possibly might use the Security and Compliance Center 'Action Center' functionality for that. For now, you'll have to manage manually.
Thanks again for the feedback!
Brandon Koeller
Will the service be accessible through API? We would like to provide that score to our CSP clients.

Hey Jason,

Thanks for the feedback. That is definitely our intention. API access is on the docket for the near future.

Thanks!

Brandon Koeller

Hi Brandon

 

I have been impressed with Secure Score, I think it has a lot of potential, already it seems very useful.  Incidentally, I have put some feedback in a post on my blog -

 

https://cianallner.com/find-office-365-secure-score-is-tenant-secure/

Unable to access this, I get the following:

403
Sorry! Access denied :(
You don't have permission to open this page. If you're a new user or were recently assigned credentials, please wait 15 minutes and try again.

Anyone else seeing this?

Hey Chris,

Sorry for the trouble. The most likely cause is that the acocunt you are using has not been assigned the global administrator role. The Secure Score requires that privilege level at the moment.

Thanks!

Brandon Koeller

Thanks for the reply, however I'm using my account and I am a global administrator.

Was looking at my admins, and notice I have a Dirsync Admin, how do I setup the Dirysync admin with MFA?

 

I also have an admin my vendor setup as the initial admin, and said we did not need to use this but it had to be there MFA, is this true?

 

 

Newer versions of AADConnect support MFA, using a GA account with MFA enabled should not be a problem.

Hey!

Vasil's got it right. I should also note that the Secure Score gives MFA credit to organizations that have MFA enabled in dirsync'ed on-prem directories, so long as the federated directory configuration includes the 'SupportsMFA' flag in AAD.

Thanks,

Brandon Koeller

I assume that this will also eventually be at least linked from the Security & Compliance portal so everything is in one place?

Hi Julian,

Thanks for the feedback. It is our intention to integrate the experience into the Security and Compliance Center once we can prove that the concept is an effective way to drive improvements to customer risk postures. Please let your peers know about the Score, and let us know if you have any feedback about the experience.

Thanks!

Brandon Koeller

Could I suggest integration with OMS, Security and Audit. Maybe also for alerting?

Hey Ole,

Thanks for the feedback! You are reading our minds. We are working on publishing the secure score data through API end points that will live in the same place as the Management Activity API endpoints (which provide activity and audit data), so that our third party ISV partners can /super/ easily include this data in their stores. OMS is one of those key partners.

Thanks!

Brandon Koeller

HI Brandon,

when I try to access my demo tenant, I do not get any current scoring.

The box  "Your Secure Score is:" is missing.  Instead I see only a target score.

 

Do I need a valid subscription in Azure first to setup Scure Score?

 

Untitled.png

 

 

Hi Karsten,

Thanks for reaching out. I am able to confirm that your company does have results in the Secure Score database. Can you email securescore@microsoft.com so we can connect offline and troubleshoot?

Thanks!

Brandon Koeller

Here's Brandon's session from Ignite on Secure score:

 

Interested to see Secure Score has been promoted this week via the Message center, also there have been further advancements -  

 

"We have introduced the first fully remediated workflow under the control "Designate less than 5 tenant admins". Click "Learn more" after expanding the widget"

 

The Get Advice section that points to this community is going to the old address (https://network.office.com/t5/Security-Privacy-Compliance/bd-p/security_privacy), by the way, which generates a certificate mismatch.

Great tool.

 

I made some updates to improve my score.

 

When will I see my score updated?

 

 

My client is not using Exchange Online. It would be helpful if there was some way to exclude the actions related to exchange from the  Secure Score recommendations

Hi Mark,

Thanks for reaching out. The Secure Score is calculated once per day (at 1am PST). Please note that not all of the controls are instrumented, so some actions might not reflect an improvement in your score yet (those controls are labeled [Not Scored]). Otherwise, you should see your score reflect your actions within a maximum of 24 hours!

Thanks,

Brandon Koeller

Hi Dean,
Thanks for the feedback. Long term, we will definitely exclude controls for services that you don't have. For now, we've opted to include all of the controls since several are not scored to help users understand the full range of options. We also plan to give you the ability to exclude specific controls that you know you will never be able to enact, even if they pertain to services you own.
Thanks!
Brandon Koeller

@Brandon Koeller wrote:
Hey Paul,
... It is surprisingly hard to find the source data in the ecosystem, ...

Well, at last! Someone from Microsoft acknowledging this. Perhaps you could also raise the visibility of some of the audit issues - like missing data from the audit reports.

 

Also perhaps you could get someone to finally deal with the issue of trying to identify which users have not used the system recently (e.g. have not logged in in the last 90d). This appears to still be virtually impossible, especially when users are not using Exchange Online.

 

These issues are causing no end of problems.

 

I recently tried to identify people not using the system in order to recover licenses. I used the audit reports for the last 180d thinking that at the very least all active users must have changed their password in that time and that should have been audited. Needless to say that resulted in nearly 10% of identified users that were actively using the system.

Hey Julian,
Thanks for the feedback. My comment about the difficulty of finding source data in the system is related to the complexity of the back end ecosystem, not the availability and accessibility of relevant data for customers. In general, customer-facing data stores are meant to be straightforward, at least through the supported interfaces (usually web, api, and powershell). To your point, however, there are some resources that you can use to get your answers:
-The Admin Center Usage Reports page should allow you to discover which users are using which services for any given period of time: https://portal.office.com/adminportal/home#/reportsUsage
-You can also focus just on logons by looking at the list of users and comparing it to the logon activity logs in the service. I've taken the liberty of whipping up a quick powershell script which dumps the UPNs of users who have not logged in for the last 90 days: https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/InactiveUsersLast90Days.ps1
-The Search-UnifiedAuditLog cmdlet, and its web interface (https://protection.office.com/#/unifiedauditlog) is a great resource to tracking any kind of activity in the service.
-If you are targeting illicit activity detection along discrete threat vectors, you can also use our 'Finding Illicit Activity The Old Fashioned Way' article: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way...

Thanks!
Brandon Koeller

It is nice tool and this is what we really need, we couldn't expect to teach everyone about security issue and threats and they just want to press one key to see what is going on and we are the one in background working to make sure that key is working fine.

Many thanks Brandon. I've been tracking these issues for some while but I've struggled to pin down actual evidence.

 

Having just revisited the issues that I'm having. I now have hard evidence from the get-msoluser and the combined audit log that something is very badly wrong. At least with our tenancy if not something wider.

 

Two definitive issues: One is that get-msoluser consistently reports some users with PasswordNeverExpires set to TRUE which should never happen.

 

The second is even more serious. I have found a user who is currently logged into the system but according to the Get-MsoUser data hasn't changed her password for 181 days (our tenant is set to require password change after 90d). Here is some relevant information:

BlockCredential : False
IsLicensed : True
LastPasswordChangeTimestamp : 2016-04-22 11:27:22
LicenseReconciliationNeeded : False
OverallProvisioningStatus : Success
PasswordNeverExpires : False
StrongPasswordRequired : True
StsRefreshTokensValidFrom : 2016-04-22 11:27:22
ValidationStatus : Healthy
WhenCreated : 2013-05-07 10:11:03

Checking the combined audit log I can see that it agrees that the user last changed their password on the 22nd April but they are still logging in. They should not have been able to log in after July 21st. However, the audit log has recorded 23 logins since then.

 

Previously, I'd been assuming that some data was missing from the audit logs but it appears that there may be a more serious issue.

Thanks for sharing this. I hope that this is an isolated event, but I'll do some research on my clients tenant to see if the same problem exists

No problem Dean.

 

I don't believe that it is isolated for us. It's just that this is the first time I've actually been able to prove it happening.

Also, thanks for the pointer to the Investigation Tooling Github. I've run the script to check for users not logged in in the last 90d but the first entry that it reports is one that I know is used daily because the person sits behind me in the office! They are a very heavy Office 365 user as they helped my set up our tenant.

Great service and it's really helped secure and understand Office 365!

 

One of the items counts the number of Exchange mailboxes with auditing enabled and the action is to enable auditing. The mailbox count and number of mailboxes with auditing enabled varies has not matched my mailbox count and their audit status. We're new to Office 365 so we may be overlooking a system database or some other setting. We're simply using get-mailbox and also with the -SoftDeletedMailbox and -Migration switches and check the AuditEnabled status.

 

Thank you!

I've raised a couple of issues in the github log. I think the reason it thought my colleague hadn't logged in is that it only returns 5k records. That's nowhere near enough for a 90d review of logins for 8k users. I'll update the issue with a new script when I've finished it or I can do a pull if you prefer, let me know in the issue (I am TotallyInformation on GitHub).

It turns out that the actual script needed to validate unused logins is significantly more complex than the example. Even reworking the example to deliver the maximum 50k entries is nowhere near enough to cope with the logins from an active 8k seat tenancy for 90d.

 

So I had to turn the script around so that the combined audit log is queried by user. Even then a few users exceeded 5k logins in 90d, one admin user had nearly 20k logins in that period.

 

The new example script is on GitHub here:

https://github.com/TotallyInformation/PowerShell/blob/master/Get-O365UserLoginStats.ps1

 

Oh, and it takes around 10 hours to run!!

Hello,

 

What are the roles other than the admin of Tenant who can access the Secure O365 Score function?

 

Thank you very much for your help and feedback.

Vincent

Currently, it is Global Admins only.  I attended an O365 Deep Dive  webinar a few days ago and we were told that more roles are planned. They are currently gathering feedback so that they can determine what those roles should be.

 

@Brandon Koeller was the presenter and he should be able to provide more details

Hey Vincent,
Thanks for reaching out. Dean has it just right below: The Secure Score is currently only available to Global Administrators because the breadth of /actions/ that the Score enables requires that level of access. We've gotten feedback that some customers would really like to expose the experience to non-Admins (although not to everyone in their tenancy) to drive more awareness. Is there an in-built role in the service that you think you would want to use to grant access to your Secure Score experience? Security Administrators? Exchange and/or SharePoint admins?
Thanks!
Brandon Koeller

Hello,

 

I really appreciate your feedback and information you share.

Following your answer, i discuss with my customer ans i am waiting information from him about role he would like to Add to grant access for Secure Score experience.

As soon as i receive information, i share.

 

Thank you very much for your feedback.

best Regards.

Vincent

Thank you for your feedback Dean.
Hi Brandon/Karsten, I have the same issue, but it seemed to work fine yesterday (9th)
Solution

Another issue with Secure Score.

 

"You should require that all of your users reset their password at least every 60 days"

 

This is no longer current best practice where strong passphrases and 2FA are used since more rapid enforced change of passwords leads to the use of weaker ones.

Hey Julian,
Thanks for the feedback. We 100% agree, and have been working on 'flipping' this control to award points for /not/ setting a password expiration policy. Microsoft and NIST both recently released research that supports this change on our policies. Thanks again for the feedback!
As Per Microsoft's Recommendation: https://www.microsoft.com/en-us/research/wp-content/uploads/2016/06/Microsoft_Password_Guidance-1.pd...
And updated NIST standards: https://pages.nist.gov/800-63-3/sp800-63-3.html
Brandon Koeller

That password recommendations document contains a lot of good info. Can you get it copied from the Research org over into some public places, such as docs.microsoft.com and support.office.com?

Hey Dean! I'll ask! Thanks, Brandon
Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
22 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
cntvertex in Discussions on
13 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
28 Replies