Use built-in tools to validate the security configuration and settings for O365 and apply recommendations as appropriate to improve security posture. Ensure that there is a consistent level of protection across GC data, identities, and devices.
- Validate that the recommended identity and device access configurations have been implemented
- Use Microsoft Secure Score to measure the current state of the O365 configuration and security posture. A higher number indicates that more improvement actions need to be taken.
- Compare current state posture with benchmarks and establish key performance indicators (KPIs)
- Directive on Security Management - Appendix B: Mandatory Procedures for Information Technology Security Control
- SPIN 2017-01