What is an Microsoft Secure Score?

A Secure Score is a proactive security management service for Microsoft 365 and Office 365, which can improve the security posture of your Company and decrease your chance of being hacked or affected by a data breach. It takes an overall look at the health of your Company and the steps that can be taken to reduce your risk. 

Features 

• Analysis of your Company's IT environment, examining how secure it is and providing an overall assessment via a secure score.
• Provides a way of grading how well available security controls have been implemented, off-setting the risk of being breached.
• Provides a way to target an improved score and the corresponding set of actions that need to be implemented to achieve this score.

Risk Assessment

A Microsoft Secure Score provides an overall risk assessment, highlighting areas where your Company is at risk with the top threats, based on your infrastructure configuration.

Here are some examples and the risks they represent:

• Account Breach | A 'breach' is an incident where data is inadvertently exposed in a vulnerable system, usually due to insufficient access controls or security weaknesses in the software.
• Elevation of Privilege | An attacker has managed to compromise one or more accounts, and is now working to increase their power.
• Data Ex-filtration | An attacker has found a way to move data out of your Company.

Improving your Secure Score

As useful as the overall score is, the real power of a Microsoft Secure Score is the personalized recommendations it makes for your Company.  This is an actionable list of controls that can be implemented that will improve your security and will later be reflected in a higher Secure Score.

Depending on how much your administrator wants to improve your score, there is a sliding bar (modeler), that can be used to target a particular score and the corresponding set of actions. For example, to obtain a score of 200 it may require implementing 7 actions, while a score of 250 might only require 14 actions.

Example of a modeler, which shows a current secure score and the number of actions required to reach the maximum score. 

To conclude, the Microsoft Secure Score is just a numerical summary of your security posture based on system configurations, user behavior, and other security related measurements.

It is not an assessment of the likelihood of breach to your system or data.  Rather, it’s a measurement of how many security controls you’ve adopted to help offset the risk of a breach.

Want to know more? Sign up for an assessment with one of our experts.