According to the latest Microsoft Digital Defense Report, human-operated ransomware attacks were up more than 200% in 2023. For independent software vendors, building trust with customers means proving their teams have the necessary security awareness training, performed in regular intervals, kept up to date, and documented.

The Microsoft 365 Certification validates an app’s underlying compliance, privacy, and data handling attributes through free penetration testing and independent yearly audits. Certification can help ensure an app’s security is maintained and updated regularly, and that employees are utilizing the industry’s best practices and policies to keep customer data safe.

Security awareness overview

Security awareness training gives visibility into the potential risks and the applicable policies, standards, and procedures relating to compliance and cyber-security. The training should cover topics and threats that employees may experience such as proper password management, phishing prevention, social engineering, data protection, and identity and access management.

Security awareness training can reduce the risk of security breaches and data loss that can damage reputation and customer trust. By following the best practices and standards of the industry, an app’s overall security and performance can be improved. These trainings help develop a security mindset and build a culture of security within an organization.

Microsoft 365 Certification validates security awareness training

One of the criteria for obtaining Microsoft 365 certification is to have a security awareness training program in place for the app’s information system users (including managers, senior executives, and contractors) This program should cover topics such as password management, phishing prevention, data protection, and identity and access management.

An app can show that it adheres to security best practices and industry standards that Microsoft and its customers demand by having a thorough security awareness training program and proper records for training completion, as well as regular intervals for training depending on role.

Security Awareness Training is a vital component for an app’s compliance security posture. It can help protect from front-line cyber threats, comply with the Microsoft 365 Certification requirements, and demonstrate the app’s security to potential clients.

Next steps

To learn how Microsoft 365 Certification validates security awareness training best practices are in place for your application, visit the Microsoft 365 Certification security awareness control evidence requirements.

To start certification, go to the Microsoft Partner Center dashboard, select an app from Marketplace offers overview, and select App Compliance.