How to Use Microsoft Secure Score
Wouldn’t it be nice if you could measure your organization’s security operations for your Microsoft 365 tenant and know exactly where you needed to make changes to avoid vulnerabilities? With Microsoft Secure Score you can do just that.
This robust threat and vulnerability management tool automatically analyzes your organization’s security practices and assigns you a score based on how effective your current operation is. The higher your score, the less vulnerabilities you face. A lower score means you’ve got some work to do. What makes Secure Score even better is that it provides details on exactly what you need to do to increase your score to become even more secure.
By taking advantage of the centralized dashboard in the Microsoft 365 Defender Portal, you can monitor the security of your Microsoft 365 identities, apps, and devices, then follow the Secure Score recommendations to protect your organization from threats. With the dashboard you’ll gain access to various metrics and trends, be able to integrate with other Microsoft products, see your score in comparison to similar organizations, and much more.
How does the Secure Score report work?
As a starting point, you’re given a percentage rating that shows your overall security performance. Details include separate scores in various areas like applications, passwords, and devices. You’ll be able to compare your results to establish key performance indicators (KPIs), allowing you to make appropriate improvements. Reports can also help ensure you’re complying with protecting your user’s personal data, and present the information to company leaders.
One you begin making the appropriate improvements you’ll receive points (or partial points) to increase your score. If you are unable, or choose not to comply with the suggestions made, you’ll be made aware of the risk posed to your organization. In addition, Secure Score will show you recommendations for your other supported Microsoft products, regardless of license edition, subscription, or plan so you can easily understand how to get the most out of your score. Secure Score changes are updated daily at 1:00am PST.
How are your actions scored?
Each time you make an improvement, like creating a new security policy or turning on certain security settings, you’ll receive points. For example: if a specific action states that you’ll get 10 points if you protect all your users with multi-factor authentication (MFA) and you choose to only protect half of your users you’ll get a partial score of 5 points (half the points for half the users). Additionally, if you are using a third party product to achieve one of the recommended security actions, you can mark the item as “Resolved by third party” and those points will be added to your overall score.
Which products are included in Secure Score?
Microsoft Secure Score currently supports the following products and applications:
- Microsoft 365 (including Exchange Online)
- Microsoft Office
- Azure Active Directory
- Microsoft Defender for Endpoint, Identity, and Cloud Apps
- Microsoft Defender for Identity
- Microsoft Teams
It’s a good idea to check back occasionally because Microsoft will be making recommendations for additional security products from time to time.
Getting started is easy
If you’re not sure where to start, Microsoft Secure Score has preset improvement actions to support certain security defaults in Azure Active Directory, making it easier to help protect your organization from common attacks with their pre-configured security settings.
By turning these security defaults on, you’ll be granted the full amount of points for the following improvement actions:
- Ensure all users can complete MFA for secure access (9 points)
- Require MFA for administrative roles (10 points)
- Enable policy to block legacy authentication (7 points)
Know your risk level
Microsoft Secure Score is an industry-leading solution to gain a better understanding of where your organization’s security measures fall. But it’s important to understand that no level of security can guarantee that you won’t be the victim of a breach. This system represents the extent to which your organization has adopted security controls within your Microsoft environment, helping to offset risk levels. No online service is immune from security breaches, and secure score shouldn’t be interpreted as a guarantee against security breach in any manner.
If you have questions about Microsoft Secure Score, or would like more information, reach out to our team and we would be happy to review your platform and offer suggestions.