Lupasafe (Skopos Security Labs B.V.)

This article describes 

- Why to activate the audit

- How to activate the Microsoft Office 365 / Azure Cloud Audit in Lupasafe.

- Microsoft Secure Score 

- How to improve your score

- What to do if you use other products outside Microsoft and want to improve the score

Introduction

In today's business landscape, Microsoft Office 365 has become an integral part of organizations, offering a wide range of functionalities such as Teams and OneDrive. Many companies hurriedly implemented a 365 environment during the COVID-19 pandemic. It's crucial to take security seriously, as a security breach can have severe consequences, including data loss and damage to your reputation. Lupasafe now offers a 365 Audit, providing insight into the security of your Microsoft Cloud and ways to improve it. In this support article, we will discuss why activating the audit is important, how to enable Microsoft Office 365 / Azure Cloud Audit in Lupasafe, Microsoft Secure Score, how to enhance your score, and what to do if you use non-Microsoft products and want to improve your score.

Why Activate the Audit?

Activating the audit is essential for several reasons:

1. Security Awareness: It provides insight into the security status of your Azure 365 environment, highlighting vulnerabilities and security gaps. This awareness is crucial for safeguarding your data and operations.
2. Compliance: It helps identify compliance issues and assists in adhering to regulations and standards, ensuring that your organization operates within legal boundaries.
3. Risk Reduction: By receiving recommendations on security improvements, you can take proactive measures to reduce risks and protect your business from potential threats.

How to Activate Microsoft Office 365 / Azure Cloud Audit in Lupasafe

Activating the Microsoft Office 365 / Azure Cloud Audit in Lupasafe is a straightforward process (You need admin rights on Azure to activate this function):

1. Login to Lupasafe: Access your Lupasafe account at https://portal.lupasafe.com using your credentials.
2. Navigate to Settings - Integration - Microsoft Office 365/Azure Cloud audit
3. Initiate Audit: Follow the provided instructions to initiate the audit for your Microsoft Office 365 / Azure Cloud environment. After activation you see this message, it can be up to two hours before you see the score in the dashboard:

Seeing the results - the Microsoft Secure Score

The integration extracts the Microsoft Secure Score and underlying data from your connected tenant. This is updated at least once a day. The Microsoft Secure Score is an indicator of your Azure 365 environment's security. It assesses your organization's security status and performance through a point-based system. A higher score reflects a higher level of security. Keep in mind that Microsoft may charge for certain features, and your score could be affected if you use alternative solutions from other vendors, such as a different Multi-Factor Authentication (MFA) solution. We will cover later on how you can deal with this. 

On the Lupasafe Dashboard navigate to "Endpoints" you see a widget called 'Secure Score'. 

Clicking on this score reveals the details (example data):

First the current score with underneath the progress made over time. Attention should be paid to the Key Risk Policies. After activating certain policies, the score should increase. 

How to Improve Your Score

To enhance your Microsoft Secure Score, Lupasafe provides insights and recommendations. You can find these on the above mentioned dashboard page or in your Microsoft Admin account:

Lupasafe may recommend implementing the following policies:

1. Multi-Factor Authentication (MFA) for Users: Enabling MFA adds an extra layer of security to your employees' login process, reducing the risk of unauthorized access, even if login credentials are compromised.
2. MFA for Administrators: As administrators have access to sensitive business information, securing their accounts with MFA is crucial.
3. User Risk Detection and Reduction: This policy helps identify suspicious activities like unusual login attempts, allowing for swift action to prevent potential breaches.
4. Blocking Access via Outdated Protocols: By blocking access through legacy protocols, you reduce the risk of attacks targeting outdated and less secure methods of accessing your Azure 365 environment.

Implementing these policy rules can significantly bolster your Azure 365 security score and reduce the likelihood of security breaches. These measures are relatively easy to implement but have a substantial impact on overall security.

What to do if you use other products outside Microsoft and want to improve the score

Microsoft allows users to provide the status for an alert. Here an example:

1. Select the alert

2. Click 'Edit status & action plan':

3. Click 'Risk accepted'

Provide a reason and accept.

** Note: It can take up to 24 hours for secure score to be updated**