Microsoft Secure Score, a centralized dashboard found within the Microsoft 365 Security Center subscription portal, is the new go-to posture management app for security administrators.
“The vision for Microsoft Secure Score is that it will be the centralized user experience for all security related points and improvement actions across Microsoft 365 (M365) and Azure workloads. Individual products can include a secure score experience scoped to their workload however they must align to the Microsoft Secure Score design patterns and branding. They must also forward their score and improvement action data to Microsoft Secure Score so that it can provide the end to end super set view for an organization’s security posture.”
- Chris Hallum, Sr, Product Manager
- Infrastructure (Azure AD accounts & roles)
- Device (Microsoft Defender ATP or Configuration score)
- Identity (Azure AD accounts & roles)
- Apps (email & cloud apps incl. Office 365 (O365) & Cloud App Security)
- Data (Microsoft Information Protection)
Points are awarded for configuring recommended security features, performing security-related tasks, or addressing improvement actions within third-party software and apps, or an alternate mitigation. The percentage-based score, viewed in a time-specific graphical format, demonstrates specific improvements or departures from a set goal.
The score is updated in real-time and reflects vital information in visualizations and improvement action pages. Admins can compare their total security score against other organizations, then monitor security tasks that may require their attention. Secure Score also does a daily sync to receive systemic data regarding specific action points. Read more about the scoring system here.
Ultimately, Secure Score helps organizations:
- Report the current state of their security posture
- Improve their posture via discoverability, visibility, guidance, and control
- Compare benchmarks and establish key performance indicators (KPIs)
In the remote workforce, Secure Score can help bring users and devices into full compliance. Admins can receive recommended improvement actions that are tailored to their configurations, which can help bolster their security protocols. Improvement actions must:
- Provide measurable statuses via automation
- Render a measurable level of risk reduction
Without these criteria, Secure Score can only provide a directional posture status versus a precise measurement; and if actions do not meet the criteria, Microsoft will (temporarily) remove them from the product.
NOTE: Secure Score also reflects when third-party solutions have addressed recommended actions.
In addition to recent improvements made to Microsoft Defender ATP, during August 2020, Microsoft will add the following improvement actions to Azure ATP to optimize Secure Score usability:
- Risky lateral movement paths
- Unsecure account attributes
- Enable security features on Active Directory (AD) trusts
- Remove unsecure Secured IDentifier (SID) history attributes from entities
Subscribe to the Trusted Tech Team Blog
Get the latest posts delivered right to your inbox