Recognising the growth in cyberattacks, Microsoft developed a benchmarking system to help companies reduce their risk of attack in the cloud. Microsoft Secure Score is a free tool that marks your business out of 100 for various security elements including Identity and Access Management (IDAM), devices, data, apps, and infrastructure. The system provides you with multiple sub-scores, each contributing to the overall score for your security. As you configure your environment, your score either increases or decreases, based on your real-time security posture.
(Warning, it can become mildly addictive.) Using these scores gives you a straightforward way to understand, monitor and improve the security of your Microsoft 365 environment.
If you’re asking this question, the chances are you need to log in, like, today.
In the meantime, here’s a whistle-stop tour...
Microsoft Secure Score allows you to measure the strength of your Azure security, tighten any areas that need tightening, and track your progress across your entire cloud environment. Your overall Secure Score is calculated by tallying up the performance scores of several different products in the Microsoft stack, including Microsoft 365 (including Exchange Online), Azure Active Directory, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud Apps and Microsoft Teams.
The Secure Score dashboard is divided into various sections, giving you easily digestible and actionable information about:
- Your current score
- Your score history
- A list of actions to review which can increase your score
- A comparison against other organisations like yours
Identity, Identity, Identity...
A crucial subset of the Microsoft Secure Score markers is the Identity Secure Score. You can access the score and related information on the Identity Secure Score dashboard.
Identity and Access Management (IDAM) is a key component of cloud security and is always where we start when assessing the security of any environment. Getting IDAM right makes sure that only the right people have access to the right data and resources, ensures compliance and limits the damage that could be caused by a potential breach.
Here’s our quick guide to understanding your overall Secure Score:
- Under 50%: There is some immediate work needed to sufficiently secure your environment
- 50-80%: You're getting there, but you still need to address the recommended actions
- 80%+: Looking good, but there’s always room to improve, and find ways of maintaining your score
Security v usability: Our tips for quick wins
It’s important to bear in mind that not every recommendation will work for your environment; there will always be a trade-off between security and usability. It’s no good having the most secure laptop in the world if you can’t actually use it in the way that you need to. It just depends on how much risk you’re willing to accept.
Here are a few ways you can beef up your defence without sacrificing that sweet, sweet user experience:
1. Insist all staff use the strongest level of Multi-factor Authentication (MFA) available
2. Block legacy authentication methods from the environment; legacy authentication doesn't support MFA, meaning MFA can be bypassed
3. Reduce administrative rights on all standard accounts
Getting started
You can start now by going to https://security.microsoft.com and signing in using your Microsoft ID to access your Secure Score. Your dashboard will suggest the actions you need to take to improve your score and, ultimately, your organisation's security.