As I covered in my previous post abut Compliance Score and Compliance Manager, Microsoft has provided a new interface to allow you to better protect your environment and your data. As you increase the compliance score of your tenant you can realize further protections of your data contained within the system. In this post, I will cover completing actions in the compliance manager to increase the compliance score of your environment.
Actions in the Compliance Manager
To access the compliance manager you need to navigate to https://compliance.microsoft.com/compliancescore. Once there as indicated in the previous posts you can view your current compliance score. Just beside the compliance score is a list of “Improvement Actions” that you can act on to secure your data and increase your score. The overview tab provides a list of some of the top actions suggested to take, but you can see the full list by clicking on the Improvement actions tab or the link: View all improvement actions.
On the Improvement actions tab, you can see the list of all actions to be taken based on the loaded compliance template(s). You can filter these further by clicking on the filter option and trimming the results based on
- Compliance template (called standards and regulations)
- Solution (Feature/Solution in M365)
- Compliance manager group
- Test Status
To complete an action select one within the list. For the purpose of this post, I will block legacy authentication.
- Click on Block Legacy Authentication in the improvement action list
- This will bring you to a screen with an overview of the risk your environment is based on protection/compliance not being in place. You will also be provided with instructions for implementing the improvement.
- If this action meets your organization’s needs click on Launch Now. This will take you to the administration section that will allow you to make the necessary changes (Conditional Access of Azure AD in the case of Legacy Authentication).
- Complete the steps provided in the action overview to enable the compliance improvement.
Updating Your Compliance Score
Within 24 hours a job will run to re-calculate your tenant’s compliance score. You will then see an improvement based on the number of actions you have taken. Note, until the job runs to rescan the tenant the improvement action will still be visible in the improvement list.
Overall, I find the new compliance manager a nice addition to the admin console. It really streamlines the steps to increase data protection, governance, and compliance within the tenant.
Thanks for reading.