How to make the most of Microsoft’s new Compliance Score Console
Hello, everyone. This is Susan Bradley for CSO Online. Today, I’m going to talk about some new features coming out to the Microsoft 365 subscription. I’m a fan of Microsoft 365, which is their suite of different products that are designed for small to medium businesses. In particular, the Microsoft 365 business suite has like a sweet spot, in my personal opinion, for those people in the small to medium business arena. One of the new things that came out of the into Microsoft’s annual tech conference was Microsoft 365 Compliance Center and specifically the Microsoft 365 Compliance score. The Microsoft compliance score is similar to but not the same thing as the Microsoft security score. As you poke around this site, you’ll realize that there’s similar things in the security score, but it’s designed to provide a wider view of your firm’s data and compliance needs mandates. It also provides a workflow tools to allow you to sign the tasks to users in your organization and to track implementation and status, as well as generate audit reports. So when you come onto this page for the very first time, you’ll notice your score is pretty low because obviously you haven’t done anything. So you want to click on improvement actions and kind of go through and see what impact you can do to the office.
Now, many of these things won’t have too much impact end users, but they provide quite a lot of security features. Some, for example, like require systems to lock on upon inactive use. Inactivity helps to protect users from exposing information to people who shouldn’t have it.
And when you click on any of these options. You’ll see that you can manage documents, you can upload things, you can edit test notes. You can assign it to someone, you can edit the status and indicate that you’ve acted on it, as you can see, you can assign it to someone.
Bottom line on this site, you’ll want to go through and see all the different things that you can do for your environment, for better compliance. The compliance manager site is different. Again, like this secures score site, they share information, but they’re two separate consoles. The compliance score is currently in preview mode. And you can get to it from the Microsoft 365 Compliance Center. The compliance manager is in the Microsoft Secure Trust portal. In the compliance manager, you can come in here and upload templates specific to your environment. You can also review scores in here, as well as review documents that Microsoft has provided to showcase that they’re compliant with various different compliance documents.
For example, if you need a showcase that certain things are compliant with, let’s say PCI DSS or HIPAA, this is the place to go to to get those audit reports that you need to provide to management. As you can see, PCI DSS FedRim and all of the other alphabet soup of compliant documents are up here.
So if you haven’t been out to the compliance manager or the Microsoft compliant score sites, please do so. Take the time to look through the different options and different recommendations. Take the time to review your compliance, needs and options. You will make your organization more secure in the long run. As always, don’t forget to sign up for the TechTalk from IDG on the new YouTube channel. Please watch for the tech news of the day. Until next time. This is Susan Bradley for CSO Online. Thank you again.
READ MORE HERE