Recognising the growth in cyberattacks, Microsoft developed a benchmarking system to help companies reduce their risk of attack in the cloud. Microsoft Secure Score marks organisations out of 100 for various security elements including Identity and Access Management (IDAM), devices, data, apps, and infrastructure.
With a score for each element and an overall score, you can watch your business moving up the ranks as you take steps to improve your security posture. Warning, it can become mildly addictive.
So, what on earth is Microsoft Secure Score?
If you’re asking this question, the chances are you need it.
Microsoft Secure Score allows you to measure the strength of your Azure security, tighten any areas that need tightening, and track your progress across your entire cloud environment. Your overall Secure Score is calculated by tallying up the performance scores of several different products in the Microsoft stack:
- Microsoft 365 (including Exchange Online)
- Azure Active Directory
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Cloud Apps
- Microsoft Teams
A crucial subset of the Microsoft Secure Score markers is the Identity Secure Score. You can access the score and related information on the identity secure score dashboard, including:
- your identity secure score
- a graph showing how your Identity Secure Score compares with other tenants that are a similar size in the same industry
- a trend graph showing how your Identity Secure Score has changed over time
- a list of possible improvements
"Azured improved our Microsoft Secure Score from 23% to 92%, practically overnight. There's something very comforting in knowing you're in a safe pair of hands that you can trust."
Alex Manning, Head of IT, Tecknuovo
Of course, there are lots of ways you can beef up your defence without sacrificing that sweet, sweet user experience.
This free tool from Microsoft will also give you suggestions for improving your score, and you can then choose which of Microsoft’s recommendations you want to follow to make improvements.
But what does it all mean?
Under 50% there is some work to do to sufficiently secure your environment
50 - 80% you're getting there but you still need to address some insecurities
80%+ looking good, lets make we can maintain this score.
Take a look to find out what areas could do with improving. And to find out how Single Sign On, Multi Factor Authentication and Self Service Password Reset can all improve your Microsoft Secure Score, get yourself a free copy of How to avoid the fate of the Death Star: our guide to identity and access management in the cloud.
This post was originally published 12 September 2021 , and was last updated 17 July 2023.