How Microsoft Secure Score helps your company stay safer | Microbyte

How Microsoft Secure Score helps your company stay safer

microbyte secure score

“Enterprises experience 130 security breaches per year, per organization, on average.”

PurpleSec Cyber Security Stats

With more and more resources going to the cloud, enterprise security has become a prime concern for every organization. No amount of security seems enough. One of the key questions that enterprises struggle with is the age-old question – Is my network safe?

Microsoft attempts to help companies answer that question with Microsoft 365 Secure Score. In this blog, we will cover what it is and how you can use it to analyse the security profile of your company’s infrastructure.

What is Microsoft Secure Score

Microsoft Secure Score is an analytics tool that measures your organization’s current security state and gives it an easy-to-understand score. The score makes it easy for anyone to quantify the security state of your organization. 

A higher score indicates that the company has better security policies and measures in place. A lower score means the company is at a greater risk of a security threat. The score is on a relative scale. So, it cannot be compared across organizations. You can only compare it with your own scores in the past.

 

A visual representation of Secure Score:

Microsoft Secure Score

Source: Microsoft Secure Score website

The score is always shown as a percentage. The details are seen on the Microsoft 365 Defender portal. Along with the score, the dashboard shows a set of improvement actions. 

 

Improvement scores

Each improvement action also gives a “Score impact” alongside. This is quite simply how much the score would increase if the action is taken.

So, as you keep acting on the improvement actions, the score will continue to increase. Each improvement actions give 10 points or less, but many are binary in nature.  As such completion of a certain action will fetch 100% of the points, a partial completion fetches no points.

Products covered under Microsoft Secure Score

Microsoft Secure Score monitors a range of products within the Microsoft ecosystem, helping organisations assess their overall security. However, it only covers Microsoft products, so you will need other tools to monitor third-party systems. Here is an overview of the products included:

1. Microsoft 365 (including Exchange Online)

Microsoft 365 security is crucial, and Secure Score helps ensure key security measures, such as multi-factor authentication (MFA) and mailbox audit logs, are in place to protect your emails and documents.

2. Azure Active Directory (Azure AD)

Secure Score evaluates the security of your Microsoft 365 identities by checking your organisation’s access controls and identity protection strategies, such as enforcing conditional access policies and multi-factor authentication.

3. Microsoft Defender for Endpoint

This tool helps ensure a strong security posture for devices. Secure Score provides recommended actions such as enabling Microsoft Defender Antivirus and attack surface reduction rules to enhance your organisation’s security.

4. Microsoft Defender for Identity

This tool monitors suspicious activities with a focus on identity-based threats. Secure Score tracks how well you use it to prevent identity compromises and improve your overall security.

5. Defender for Cloud Apps

With the rise of cloud services, Defender for Cloud Apps helps secure your organisation’s cloud environment. Secure Score suggests actions like applying information protection policies to safeguard data in Microsoft 365 apps.

6. Microsoft Teams

As a vital collaboration tool, Microsoft Teams security is assessed by Secure Score, which recommends actions such as restricting guest access and ensuring encryption of shared content to reduce security risks.

Secure Score limitations

While Microsoft Secure Score provides valuable insights into your company’s security posture within the Microsoft ecosystem, it does not extend to non-Microsoft products. To fully protect your security infrastructure, it is crucial to implement other monitoring tools or work with a security service provider.

How to access Microsoft Secure Score

Only specific user roles in the Azure Active Directory can access Microsoft Secure Score.

If you wish to have read and write access to make changes and interact with Secure Score – you must be a global admin, security admin, exchange admin, or Sharepoint admin.

If you wish to have read-only access with no editing power – you can be a helpdesk/user/service support admin, a security reader/operator, or a global reader in the role.

Other dashboard insights

Apart from the Secure score, the dashboard provides many other insights. Let’s have a look at them.

security score dashboard

Source: Microsoft Secure Score website

 

Track scores over time

Under the Metrics and Trends tab, you can see the change in scores over time and compare that for an organization like your own.

Track scores over time

Source: Microsoft Secure Score website

 

Activity History

The History tab shows you all activities performed that have impacted the Secure score in any manner.

activity history microsoft security

Source: Microsoft Secure Score website

 

Categories of Improvement actions

Source: Microsoft Secure Score website

 

All the improvement actions suggested by Microsoft Secure Score are put in one of 3 categories:

  1. Identity
    These are actions related to the Active Directory accounts and roles.
  2. Device
    They assess and suggest action on the application “Microsoft Defender for Endpoint”.
  3. Apps
    These actions are for email and cloud apps. That includes Office 365 and Microsoft Defender for Cloud Apps.

The dashboard also shows a breakdown of points by category, i.e., how high a percentage of total points in the category has been achieved and how much is left to achieve.

How to improve your Microsoft Secure Score

Improving your Microsoft Secure Score involves adopting best practices to enhance your organisation’s security. The Microsoft 365 Security Centre dashboard provides recommended security actions to address vulnerabilities and improve your score. Here are effective ways to boost your security score:

1. Focus on high-impact actions

Prioritise tasks with the highest score impact, such as enabling multi-factor authentication (MFA) or configuring anti-phishing policies in Exchange Online. These steps will significantly strengthen your security across your organisation.

2. Complete binary tasks

Certain actions must be fully implemented to improve your score. For example, encrypting all devices in your Microsoft 365 environment is an all-or-nothing task that contributes fully only once completed.

3. Enhance identity and access management

Improving your security posture often starts with stronger identity controls. Secure Score helps by recommending actions in Azure Active Directory, such as enforcing stronger passwords and implementing role-based access controls.

4. Strengthen endpoint security

Enable security features like Microsoft Defender for Endpoint and apply attack surface reduction rules. Ensuring mobile and remote devices are fully secured helps reduce security risks and improve your Secure Score.

5. Monitor cloud app security

Cloud apps like Office 365 benefit from best security practices like conditional access policies. Regularly updating cloud security measures will improve your organisation’s cybersecurity score and help you stay safe.

6. Accept or address risks

For actions that do not pose a significant risk to your security framework, you can flag them as ‘Risk Accepted.’ This does not improve your cybersecurity score but ensures the score reflects your security posture.

7. Track your progress

The Secure Score dashboard makes it easy to measure your security progress over time. Regular reviews help you stay on top of new recommendations and improve your overall security.

Fixing an improvement action

You can click on each improvement action to view it in greater detail. 

Fixing an improvement action

Source: Microsoft Secure Score website

 

On the flyout of the improvement action, you can perform 4 actions:

  1. Select “Manage in Microsoft 365 Defender”
    This will take you to the configuration screen and help you make the desired change. If you complete the action, the points improvement shows up on the Secure score within 24 hours.
  2. Select Share
    This will allow you to copy the direct link to the improvement action. It is useful when you wish to collaborate with another team member and work on fixing the improvement action.
  3. Add Notes
    There is also an option to add notes, leave your comments, or keep track of progress.
  4. Add tags
    You can also add tags to the action and categorize them as per your preference.

On completing the improvement action, you will be able to improve your Secure Score and thus make your organization more secure.

 

Conclusion

Secure Score provides an easy way to analyze and act on some of the security policies in your Microsoft environment. Although the security analysis is limited to a few Microsoft products, it can be one of the small steps toward building a more secure enterprise infrastructure.

You can learn more about Secure Score from the video below or read more in their official docs.

 

FAQ

How can Microsoft Secure Score help improve my organisation’s security?

Microsoft Secure Score provides a clear metric to measure your organisation’s security across the Microsoft 365 environment. Evaluating key security controls and recommending actions helps you identify areas that need improvement. The higher the score, the more secure your infrastructure is, and taking these recommended actions can significantly reduce security risks and strengthen your overall security strategy.

How do I access Microsoft Secure Score, and what does it include?

You can access Microsoft Secure Score through the Microsoft 365 or Azure Security Centre. The score provides insights into various Microsoft-supported products, including Azure Active Directory, Microsoft Teams, and Defender for Endpoint. Secure Score also gives you a list of recommended actions to improve your security, making it easy to track and act on security improvements.

Can I compare my Secure Score with other organisations?

No, Microsoft Secure Score is a metric that evaluates your security posture based on Microsoft products within your environment. You cannot directly compare your score with other organisations, but you can track your progress over time to ensure continuous security improvement.

Similar blogs

Transforming Oregon's Construction Industry with IT Support

Transforming Oregon’s Construction Industry with IT Support

In Oregon, one industry stands out as the backbone of the state’s economy: construction. Contributing $16.22 billion to the state’s GDP in 2023, up from $5.41 billion in 2021, the construction sector continues to grow and remains a vital part of the economy.  From housing estates and renovation projects to commercial spaces and urban redevelopment,…

Read More

Avatar photo

Why is IT support in Dubai so bad?

Why is IT Support in Dubai so bad?

With its impressive skyline, reputation for innovation and being at the forefront of tourism and international business, Dubai seems like the kind of place to have some of the best IT support in the world. Internationally connected and popular with businesses that are increasingly reliant on technology, the city is a tax-free, global expat dream….

Read More

Avatar photo

What is a Disaster Recovery Policy?

Recovering from a disaster requires proper planning. As the cliché goes, ‘Failing to plan is planning to fail’- a truism appropriate for incident responses in a business environment.  When critical business operations are under attack, having a disaster recovery policy is essential to establish the correct response. As a high-level strategic document, the policy informs…

Read More

Avatar photo

What is an IT Security Policy

What is an IT Security Policy

An IT security policy confirms the specific rules and correct procedures governing how employees and other parties may use the company’s IT resources. This type of policy details both what is expected and what actions are not allowed. Policies detail acceptable uses of IT technologies, controls limiting user access, accepted procedures, and the consequences for…

Read More

Avatar photo

A Guide to Responsible IT Asset Disposition

A Guide to Responsible IT Asset Disposition

IT asset acquisition requires careful consideration and post-purchase implementation. IT asset disposition (known as ITAD) involves the full lifecycle of an asset while owned by the business.   Every IT asset has a lifecycle. A home user might use a laptop for 4 – 5 years, but most companies expect a shorter lifespan. The equipment must…

Read More

Avatar photo

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

Having a reliable and efficient IT infrastructure is a huge asset to any business. Being able to rely on your technology and having professional support when you need it can set you ahead of the competition. As companies grow increasingly reliant on technology, Managed IT Service Providers (MSPs) offer an affordable, practical and efficient way…

Read More

Avatar photo