How Secure Is Your Company Email?

In prior blogs, I’ve talked about the merit of multi-factor authentication as the single best protection of any online account. Even though that is the case, if you’re a company running Office365 there is so much more you can be doing to protect yourself, your employees and your company. Microsoft has a simple way for you to understand best practices and ways to improve called Office365 Secure Score.


There are a few straightforward security measures every person can take. This includes having a unique password and turning on multi-factor authentication for every critical online account. For detailed instructions on multi-factor please read my prior posts. This will stop criminals from taking over your accounts. Beyond email it’s critical everyone use a modern browser such as Chrome on the latest version plus add an ‘Ad Blocker’ extension.  Combine this with running a top notch anti-virus software and keep your operating system patched will drastically reduce your chance of malware and viruses.


What if you work in a corporate environment? What if your company runs Office365? According to a 2016 study by Skyhigh, 91.4 percent of businesses with at least 100 users were running Office 365. That means if you’re reading this its highly likely your company is running Microsoft cloud based email called Office365.  This can be a great suite of tools when you combine email, filesharing in Onedrive, notetaking in OneNote and the online productivity tools in Office. However, Microsoft isn’t the best at everything and because they have a history as a large company they have a lot of software to keep updated and patched, which means they aren’t the best at security.


If you’d like to protect your organization, then I recommend talking with your IT department to ensure they are verifying the company setup using Office365 Secure Score. Microsoft explains, Secure Score figures out what Office 365 services you’re using (like OneDrive, SharePoint, and Exchange) then looks at your settings and activities and compares them to a baseline established by Microsoft. Basically, Microsoft understands how to make the software more secure but can’t unilaterally make every change without companies verifying it will work within each enterprise environment.


Secure Score checks basic things like:

  • Ensuring multi-factor is enabled for all administrative accounts
  • Limiting the number of technology users with unlimited access
  • Reviewing users accounts that are still active with no usage
  • Ensuring settings like archiving are turned on
  • Ensuring sharing of personal information is limited
  • Verifying IT is looking at critical security reports



This is all provided in a simple set of charts and graphs that shows how a company is performing against the industry.  Take the time today to share this blog with your IT professionals to ensure they are securing your organization with the tools that are already owned and provided.


As a leader of my organization’s technology I review Office365 Secure Score weekly to look over the new recommendations and ensuring settings haven’t changed. It is a simple yet effective tool that ensures my organization has a strong security posture and can stay ahead of the criminals.


Have a question for our experts? Leave your comment below and check out our website for more information.

About Shaun Hunt


Email Address:

Shaun Hunt manages the Technology group at McKenney’s, covering everything from mobile devices to cloud computing. He holds a Master of Organizational Leadership from Southern NH University. Shaun launched his technology career in consulting at Accenture followed by Deloitte Consulting, before holding senior technology positions in financial services and non-profits. Shaun is passionate about creating efficient and effective systems that enable clear business value safely and securely.

Leave a Reply

Your email address will not be published. Required fields are marked *