Secure Score (part 1)

 




To read part 2, please click here




Secure Score Explained

Microsoft secure score is termed as a measurement of an organization's security posture, with a higher number indicating more improvement actions taken and with the help of a centralized dashboard in the Microsoft 365 security center, organizations can monitor as well as work on the security of their Microsoft 365 identities, data apps, devices, and infrastructure.  Secure score helps the organizations to:
  1. Report on the current state of the organization's security posture. 
  2. Improve their security posture by providing discoverability, visibility, guidance, and control.
  3. Compare with benchmarks and establish Key Performance Indicators (KPIs).

Note: Microsoft Secure Score is a numerical summary of your security posture based on system configurations, user behavior, and other security-related measurements, but, it's not an absolute measurement of likely your system or data will be breached, whereas, it shows the extent to which the security controls have been adopted in your Microsoft environment which can help offset the risk of being breached. As no online service is totally immune from security breaches, and secure score should not be interpreted as a guarantee against security breach in any manner.

How secure score works?

Firstly, some points are given to configure recommended security features, perform security-related tasks, or address the improvement actions with a third-party application or software. Some improvement actions also gives points after the fully completion, or provide partial points after completion for some devices or users.

Secure Score represents your absolute security posture which will remain the same regardless of the product licenses your organization owns. It should be remembered that security should be balanced with usability, and not every recommendation can work for your environment.

Your score is always updated real time to reflect the information presented in the visualizations and improvement action pages. Secure score also syncs daily to receive system data about your achieved point for each action.

How improvement actions are scored?

Most of the improvement actions are scored in a binary fashion and if you implement the improvement action like create a new policy or turn on a specific setting, you can get 100% of the points while for the others, the points are given as a percentage of the total configuration. For example, if an improvement action states that you get 30 points by protecting all your users with multi-factor authentication and you only have 5 out of 100 total users secured, then, you will get a partial score of around 2 points (5 protected / 100 total * 30 max pts = 2 pts partial score).

Products included in Secure Score

Nowadays, there are many recommendations for Office 365 (including SharePoint Online, Exchange Online, OneDrive for Business, Microsoft Information Protection, and more), Azure AD, and Cloud App Security; while the recommendations for the other security products like Microsoft Defender for Endpoint and Identity, will be coming soon in near future. Although, all these recommendations don't cover all the attack surface associated with each product, but they are a good baseline and you can also mark the improvement actions as covered by a third party.     











To read part 2, please click here





















Comments

Popular posts from this blog

Deployment (Part 3)

Deployment (Part 1)

Project Resourcing (Part 2)