/Insights

Simplifying the Security Labyrinth with Secure Score

Microsoft Secure Score, a centralized dashboard found within the Microsoft 365 Security Center subscription portal, is the new go-to posture management app for security administrators.

Your entire security posture is reflected by Secure Score, which remains static across all product licenses. According to Microsoft:

“The vision for Microsoft Secure Score is that it will be the centralized user experience for all security related points and improvement actions across Microsoft 365 (M365) and Azure workloads. Individual products can include a secure score experience scoped to their workload however they must align to the Microsoft Secure Score design patterns and branding. They must also forward their score and improvement action data to Microsoft Secure Score so that it can provide the end to end super set view for an organization’s security posture.”

- Chris Hallum, Sr, Product Manager

The Process

Secure Score monitors M365 (incl. Exchange Online), Cloud App Security, Azure AD, Azure ATP and Microsoft Defender ATP workloads; then provides security scores for the following categories:

graf2 2020 07 24

Points are awarded for configuring recommended security features, performing security-related tasks, or addressing improvement actions within third-party software and apps, or an alternate mitigation. The percentage-based score, viewed in a time-specific graphical format, demonstrates specific improvements or departures from a set goal.

The score is updated in real-time and reflects vital information in visualizations and improvement action pages. Admins can compare their total security score against other organizations, then monitor security tasks that may require their attention. Secure Score also does a daily sync to receive systemic data regarding specific action points. Read more about the scoring system here.

Ultimately, Secure Score helps organizations:

  • Report the current state of their security posture
  • Improve their posture via discoverability, visibility, guidance, and control
  • Compare benchmarks and establish key performance indicators (KPIs)

Dashboard view
Dashboard view

Remote Security

In the remote workforce, Secure Score can help bring users and devices into full compliance. Admins can receive recommended improvement actions that are tailored to their configurations, which can help bolster their security protocols. Improvement actions must:

  • Provide measurable statuses via automation
  • Render a measurable level of risk reduction

Without these criteria, Secure Score can only provide a directional posture status versus a precise measurement; and if actions do not meet the criteria, Microsoft will (temporarily) remove them from the product.

NOTE: Secure Score also reflects when third-party solutions have addressed recommended actions.

What’s Next?

In addition to recent improvements made to Microsoft Defender ATP, during August 2020, Microsoft will add the following improvement actions to Azure ATP to optimize Secure Score usability:

Sources

Track your Microsoft Secure Score history and meet goals

Shortening the developer commute with Docker and Microsoft Azure


Trusted Tech Team: A Microsoft Gold Partner

For more information about Secure Score and other security products, contact Trusted Tech Team for a free consultation. Our Licensing Engineers are here to help you maximize your software subscriptions, and provide the lowest costs in the market.

...

Subscribe to the Trusted Tech Team Blog

Get the latest posts delivered right to your inbox

Kahlil Crawford

Kahlil Crawford

Trusted Tech Team // Content Strategist

Read More