Helping customers understand their cybersecurity picture
Security and compliance have always been a top cloud service priority for Managed Service Providers (MSPs) but have become even more critical with the expansion of remote work. Delivering a strong foundation in Microsoft 365 starts with assessing customer cybersecurity and then enabling and configuring a solid security foundation.
The Microsoft scores provide a useful benchmark to measure and optimize
To assist with evaluating the security and compliance of a Microsoft 365 tenant, Microsoft has created a Secure Score in the Security Center and a Compliance Score in the Compliance Center. While they do not account for every possible security or compliance feature or service, these scores can help partners measure, monitor, and update the most critical features and configurations for a foundation of tenant security and compliance. The Microsoft Scores can also be a valuable tool in generating strategic sales conversations with customers.
The Microsoft Secure Score includes a variety of checks to ensure a range of recommended security features are enabled and settings are configured, with the most critical features and settings having the most impact on the score (e.g. MFA and Anti Phish Policy enabled).
The initial Compliance Score is based on the Microsoft 365 data protection baseline which includes a set of controls for key regulations and standards for data protection and general data governance. This baseline draws elements primarily from standards such as the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), Federal Risk and Authorization Management Program (FedRAMP), and General Data Protection Regulation (GDPR).
The need to monitor more than just the scores
While these scores provide a useful gauge for the security and compliance of a tenant, it is the underlying factors that make up the scores that are most important. In fact, because there are so many contributing factors, it is possible for a score to be relatively high while missing one factor that may be critical to some customers. Therefore, monitoring and remediating the key factors that make up the scores are critical to any security and compliance services.
Challenges of monitoring and remediating the scores
However, consistent monitoring and efficient remediation of multiple specific security and compliance score factors across all customers or groups of customers can be challenging. While the Microsoft Security Center and Compliance Center provide access to the scores, the centers are designed for managing one tenant at a time.
How Cloud Manager can help
Cloud Manager provides an easier path for partners to automate the monitoring, reporting on, and immediate remediation of settings across all customers or groups of customers. And because the automation can be run from the no-code Command Center interface, it provides partners with the best of both worlds: a GUI interface for users without PowerShell expertise and the accuracy and efficiency of PowerShell automation.
Get and set key security settings across customers
Cloud Manager includes over 11K built-in PowerShell cmdlets and dozens of SkyKick-authored sample commands that partners can use as-is or modify to meet their unique needs. To further help partners address key cloud management needs and opportunities, SkyKick is continuing to develop more sample commands, including automation to:
- Get a report on critical Secure Score and Compliance Score settings across customers
- Set Microsoft 365 tenant configuration to improve Secure Score and Compliance Score
Get and set security automation details
Key features: The get and set security sample commands check and set 15 key factors that most impact the Secure Score and Compliance Score, including Microsoft recommended settings and configurations for:
- Number of Global Admins
- MFA status of all users
- Authentication methods
- Data and calendar sharing
- Malware and spam settings
- Anti-Phish Policy
A key feature of each script is that when run from the Workbench or Command Center, the user can use a dropdown menu of connected customers to easily select a single customer, a group of customers, or all customers. This not only makes it easy to monitor and remediate issues, it also simplifies the automation of standardized settings across all customers or groups of customers with common scenarios, e.g. level of services, license type, etc.
Easy to optimize and extend for broader use
These scripts may be useful as-is for many partners. However, because partners and customers differ, the Cloud Manager Workbench is designed to make it easy for partners to adjust these or any scripts to optimize them for their own organization or customers or reuse them to create separate cross-customer automation, based on common customer needs.
Try it for yourself
Access and run the automation
For more information and instructions to import, update (if desired), and run these scripts see Security and compliance management sample commands.
Note: Because the first script above runs a get-type of command, you can run it against any tenants without impact, whether it’s your own, a Microsoft CIE tenant, or your customers’. This makes it easy for partners to test the power of Cloud Manager for themselves.
Use the results to enhance security services delivery
After running these commands, select Activity in the left nav to see a complete list of every action taken across each customer and click View Output to see the list of settings that met recommendations and any that did not from the get-command and a list of checks and changes made from the set-command.
These can be used to populate customer reports on findings and recommendations as well as internal tasks for remediation and improved security service management.
Optimize the automation
For more information on using the Cloud Manager Workbench to create, edit, share, and reuse automation, including how to format any command to run across multiple customers, see Creating Automation in the Cloud Manager Help Center.
Scheduler coming soon!
You will also soon be able to schedule commands to be run in the future or on a recurring basis. With that capability, partners can additionally set up a regular cadence for performing monitoring and remediation scripts like these.