Security and compliance are complex topics that traditionally have been focused on corporate on premise systems or networks. Enterprises typically look to security experts or audits as methods to evaluate the current state of security and learn where improvements are needed. Microsoft recently released Office 365 Secure Score, a new capability that helps evaluate the security of our Office 365 environment and provides you with actionable guidance on ways to improve it. Join Antonio Maio, Microsoft Office Server and Services MVP, to learn how to use Office 365 Secure Score, how to raise your score and how it can help you improve the security and compliance of your Office 365 environment.

1. Internal Audit, Risk, Business & Technology Consulting
RAISE YOUR OFFICE 365 SECURE SCORE
Antonio Maio
Protiviti | Senior SharePoint Architect
Microsoft Office Server and Services MVP
Email: antonio.maio@protiviti.com
Blog: www.trustsharepoint.com
Slide share: http://www.slideshare.net/AntonioMaio2
Twitter: @AntonioMaio2

2. © 2017 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Veterans. Protiviti is not licensed or registered as a public accounting firm and
does not issue opinions on financial statements or offer attestation services. All registered trademarks are the property of their respective owners.2
• Understand Cloud Provider Responsibilities
• Understand Your Responsibilities
In all cloud environments, security and information
protection must be a Shared Responsibility
Understanding how your responsibilities are managed
requires strong Information Governance policies &
procedures
SAAS = Office 365
PAAS = Azure Web Services, Azure Functions
IAAS = Azure VMs
Understand your responsibilities in securing your information in Office 365

3. © 2017 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Veterans. Protiviti is not licensed or registered as a public accounting firm and
does not issue opinions on financial statements or offer attestation services. All registered trademarks are the property of their respective owners.
• SharePoint Permissions
• Information Rights Management/RMS
• External Sharing Controls
• OneDrive for Business Sharing Controls
• Encrypted Communication (TLS)
• Encrypted Data at Rest
• Multi-Factor Authentication
• Modern Authentication (ADAM)
• Retention Policies
• Site Classification
• Office 365 Trust Center
• Office 365 Secure Score
• Customer Lockbox
• Security and Compliance Center
 Security Roles & Permissions
 Activity Monitoring/Audit Log Search
 Automatic Alerts
 Advanced Security Management
 Classification Labels & Label Policies
 Data Loss Prevention
 eDiscovery
 Mail Filtering/Anti-Malware/DKIM
 Advanced Threat Protection
 Compliance Reports/Trust Documents
• Exchange Online Protection
• Exchange Mailbox Auditing
• Threat Intelligence
• Advanced Data Governance
3
• Active Directory Federation Services
• AD Pass Through Authentication
• AD Seamless Single Sign On
• Azure B2B
• Azure Information Protection
• Azure Conditional Access
• Azure Identity Protection
• Azure Privileged Identity Management
• Advanced Threat Analytics
• Microsoft Intune MDM
• Cloud App Security
• Azure Security Center
• Azure Key Vault/Bring your Own Key (BYOK)
Features and Capabilities

4. © 2017 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Veterans. Protiviti is not licensed or registered as a public accounting firm and
does not issue opinions on financial statements or offer attestation services. All registered trademarks are the property of their respective owners.
Navigate to https://securescore.office.com and login with Administrator credentials (Global Admin or other Service Admin)

5. Internal Audit, Risk, Business & Technology Consulting
DEMONSTRATION
Office 365 Secure Score

6. © 2017 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Veterans. Protiviti is not licensed or registered as a public accounting firm and
does not issue opinions on financial statements or offer attestation services. All registered trademarks are the property of their respective owners.
FINAL THOUGHTS
• Security is still your responsibility, even after you’ve moved to the Cloud
• IT Roles Shift… Security becomes a Shared Responsibility
• Understanding your Responsibilities & Capabilities Available is Critical
• Office 365 Secure Score Helps you Improve Security in Office 365
• What is my current security posture?
• What do I want my security target to be?
• Which security features am I using and which can I still make use of to improve my security posture?
• What is my progress over time?
• Office 365 Secure Score Helps Report on How Office 365 Security has Improved,
and How You Got There
6

7. Internal Audit, Risk, Business & Technology Consulting
THANK YOU
Antonio Maio
Protiviti | Senior SharePoint Architect
Microsoft Office Server and Services MVP
Email: antonio.maio@protiviti.com
Blog: www.trustsharepoint.com
Slide share: http://www.slideshare.net/AntonioMaio2
Twitter: @AntonioMaio2