How to use Microsoft Compliance Score to improve data protection

The new Compliance Score console in Microsoft 365 offers templates and advice to help meet the ever-growing list of regulatory data protection and privacy rules.

HIPAA, GDPR, California’s CCPA — the number and type of compliance mandates that a firm has to abide by seems to increase on a daily basis. Microsoft 365 has added a new Compliance Score console to its compliance center to help you better manage your compliance efforts.

If you’ve never been to the compliance center, you start out with a 0 score.

To begin the review process to raise that score, go to the compliance center and click on Compliance Score (currently in preview). Many of the items in the Compliance Score have low impact to the end user, or you’ve been doing them for years but have not quantified the protection benefit they provide. For example, the first item on the compliance list is a mandate that private information be protected using lock-screen functionality. Locking the screen is an easy step to take that has low impact to the end user.

Figure: Recommendation to lock the screen to block info (image: Susan Bradley)

Many of the recommended steps use Intune, Microsoft’s cloud-based management solution, to control and protect systems. For example, one of the recommended steps is to use Intune’s mobile device policy to block mobile devices that have been jailbroken or rooted and are at risk for malware infections. You should always mandate that such devices are not allowed on a network. Furthermore, you may need to identify which mobile devices are company-owned and which are personally owned.
