Our guide to getting the best out of Microsoft Secure Score.

Recognising the growth in cyberattacks, Microsoft developed a benchmarking system to help companies reduce their risk of attack in the cloud. Microsoft Secure Score is a free tool that marks your business out of 100 for various security elements including Identity and Access Management (IDAM), devices, data, apps, and infrastructure.
 
The system provides you with multiple sub-scores, each contributing to the overall score for your security. As you configure your environment your score either increases or decreases, based on your real-time security posture. (Warning, it can become mildly addictive.)
 
Using these scores gives you a straightforward way to understand, monitor and improve the security of your Microsoft 365 environment.  

 

Identity, Identity, Identity...

A crucial subset of the Microsoft Secure Score markers is the Identity Secure Score. You can access the score and related information on the Identity Secure Score dashboard. 
 
Identity and Access Management (IDAM) is a key component of cloud security and is always where we start when assessing the security of any environment. Getting IDAM right makes sure that only the right people have access to the right data and resources, ensures compliance and limits the damage that could be caused by a potential breach. (If you’re interested in finding out more about a sound IDAM approach, download our guide ‘How to Avoid the Fate of the Death Star’.

 

But what does it all mean?

Here’s our quick guide to understanding your overall Secure Score:

 

Under 50% 
There is some immediate work needed to sufficiently secure your environment
 
50 - 80% 
You're getting there, but you still need to address the recommended actions
 
80%+ 
Looking good, but there’s always room to improve, and find ways of maintaining your score

 

Security v usability : Our tips for quick wins

It’s important to bear in mind that not every recommendation will work for your environment; there will always be a trade-off between security and usability. It’s no good having the most secure laptop in the world if you can’t actually use it in the way that you need to. It just depends on how much risk you’re willing to accept. 
 
Here are a few ways you can beef up your defence without sacrificing that sweet, sweet user experience:
 
• Insist all staff use the strongest level of Multi-factor Authentication (MFA) available
• Block legacy authentication methods from the environment; legacy authentication doesn't support MFA, meaning it can be bypassed
• Reduce administrative rights on all standard accounts

 

Getting started

You can start now by going to https://security.microsoft.com and signing in using your Microsoft ID to access your Secure Score. Your dashboard will suggest the actions you need to take to improve your score and, ultimately, your organisation's security.
 
To help you get going, our Head of Delivery, Reda Wahid, has put together this handy, step-by-step video explaining how to access and use Secure Score.

 

If in doubt, call in the experts

If your score is not where you’d like it to be, and the list of recommended actions is overwhelming and impenetrable, we can help.
 
Our Cloud Security Review is a relatively low-cost, one-off project that provides you with a comprehensive report, including:
 
• the current security posture of your Microsoft environment
• the configuration health of your identity and devices
• recommendations for the foundations to build a secure, robust IT infrastructure
 
Our security consultants use a proven methodology based on Microsoft best practice, the CIS framework, and decades of specialist security experience to ensure you have all the information required to improve your security posture.
 
At the end of the review, you will understand precisely where you are with your cloud security, and how to make it better.

 

But don’t just take our word for it...