Blog

Microsoft Secure Score

How to Use Microsoft Secure Score

By Security & Compliance 0 Comments

Microsoft Secure Score

Wouldn’t it be nice if you could measure your organization’s security operations for your Microsoft 365 tenant and know exactly where you needed to make changes to avoid vulnerabilities? With Microsoft Secure Score you can do just that.

This robust threat and vulnerability management tool automatically analyzes your organization’s security practices and assigns you a score based on how effective your current operation is. The higher your score, the less vulnerabilities you face. A lower  score means you’ve got some work to do. What makes Secure Score even better is that it provides details on exactly what you need to do to increase your score to become even more secure.

By taking advantage of the centralized dashboard in the Microsoft 365 Defender Portal, you can monitor the security of your Microsoft 365 identities, apps, and devices, then follow the Secure Score recommendations to protect your organization from threats. With the dashboard you’ll gain access to various metrics and trends, be able to integrate with other Microsoft products, see your score in comparison to similar organizations, and much more.

How does the Secure Score report work?

As a starting point, you’re given a percentage rating that shows your overall security performance. Details include separate scores in various areas like applications, passwords, and devices. You’ll be able to compare your results to establish key performance indicators (KPIs), allowing you to make appropriate improvements. Reports can also help ensure you’re complying with protecting your user’s personal data, and present the information to company leaders.

One you begin making the appropriate improvements you’ll receive points (or partial points) to increase your score. If you are unable, or choose not to comply with the suggestions made, you’ll be made aware of the risk posed to your organization. In addition, Secure Score will show you recommendations for your other supported Microsoft products, regardless of license edition, subscription, or plan so you can easily understand how to get the most out of your score. Secure Score changes are updated daily at 1:00am PST.

How are your actions scored?

Each time you make an improvement, like creating a new security policy or turning on certain security settings, you’ll receive points. For example: if a specific action states that you’ll get 10 points if you protect all your users with multi-factor authentication (MFA) and you choose to only protect half of your users you’ll get a partial score of 5 points (half the points for half the users). Additionally, if you are using a third party product to achieve one of the recommended security actions, you can mark the item as “Resolved by third party” and those points will be added to your overall score.

Which products are included in Secure Score?

Microsoft Secure Score currently supports the following products and applications:

  • Microsoft 365 (including Exchange Online)
  • Microsoft Office
  • Azure Active Directory
  • Microsoft Defender for Endpoint, Identity, and Cloud Apps
  • Microsoft Defender for Identity
  • Microsoft Teams

It’s a good idea to check back occasionally because Microsoft will be making recommendations for additional security products from time to time.

Getting started is easy

If you’re not sure where to start, Microsoft Secure Score has preset improvement actions to support certain security defaults in Azure Active Directory, making it easier to help protect your organization from common attacks with their pre-configured security settings.

By turning these security defaults on, you’ll be granted the full amount of points for the following improvement actions:

  • Ensure all users can complete MFA for secure access (9 points)
  • Require MFA for administrative roles (10 points)
  • Enable policy to block legacy authentication (7 points)

Know your risk level

Microsoft Secure Score is an industry-leading solution to gain a better understanding of where your organization’s security measures fall. But it’s important to understand that no level of security can guarantee that you won’t be the victim of a breach. This system represents the extent to which your organization has adopted security controls within your Microsoft environment, helping to offset risk levels. No online service is immune from security breaches, and secure score shouldn’t be interpreted as a guarantee against security breach in any manner.

 

If you have questions about Microsoft Secure Score, or would like more information, reach out to our team and we would be happy to review your platform and offer suggestions.

Share this post

Related Posts

California Consumer Privacy Act

The Keys to Addressing Your Governance and Compliance Needs in 2020

By

When the California Consumer Privacy Act went into effect on January 1, 2020, it imposed sweeping new data security standards... read more
Meraki AP, Dashboard and Gear

3 Ways to Try Cisco Meraki for Free

By

Test driving your network gear before you commit is crucial - you need to know that the equipment will work... read more
Security Operations Center-as-a-service in Grand Rapids

IT Resource Announces Security Operations Center-as-a-Service in Partnership with Arctic Wolf

By

Arctic Wolf Security Operations Center-as-a-service Gives IT Resource Customers Industry-Leading Managed Threat Detection and Response Services to Tackle the Increasing... read more
cybersecurity plan for business

Your guide to a good night’s sleep: The IT Security Edition

By

Written by Gary Lutz What keeps you up at night? When it comes to business many things may come to mind, such... read more
password security

Password Do’s and Don’ts :: Strong Security Starts with Password Security

By

We’ve been thinking a lot about customer security lately. When we came across this blog series about password security, we... read more
Industry 4.0 Cybersecurity

Cybersecurity and Cyber Resilience – Are you prepared?

By

In the 2019 Cost of Data Breach Report, we see the average cost of a data breach is $3.92 million.... read more

What’s Your Password?

By

What do the terms "password" and "123456" have in common? Year after year they're the two most common passwords used... read more
the evolution of cyber threats

The Evolution of Cyber Threats

By

In 1970 the first computer virus, a worm named “Creeper”, was created by Bob Thomas of BBN. Bob was not... read more
Security awareness training and webinar for your human firewall

Security Awareness Training & Webinar

By

Join us as we welcome KnowBe4 Security Awareness who will be presenting a webinar on strengthening your human firewall on... read more
Benefits of Microsoft 365 for Business

Benefits of Microsoft 365 for Business

By

The last 18 months have turned our world upside down, leaving many business owners with the need for simple, secure... read more