Microsoft Secure Score: Understanding and Maximising Your Score

With the increasing threat of cyber-attacks, it is crucial for organisations to protect their sensitive data and prevent unauthorised access to their systems. However, it can be challenging for companies to identify and address vulnerabilities within their IT infrastructure –  but that’s where Microsoft Secure Score can help.

What is Microsoft Secure Score?

Microsoft Secure Score assesses and measures your organisation’s security posture to give you an idea as to how well you are protected from threats. It provides guidance and actions to help strengthen your Microsoft environment for three primary areas, including: Identity, Data and Apps.

In the Microsoft Secure Score overview page, you can see how points are split between these groups and what points are available. The overview page is also the place to get an all-up view of the total score, historical trend of your secure score with benchmark comparisons, and prioritised improvement actions that can be taken to improve your score. You can use this data to act and make big differences in your security posture.

You are given points for configuring recommended security features, performing security-related tasks (such as viewing reports), or addressing the improvement action with a third-party application or software. Some actions are scored for partial completion, like enabling multi-factor authentication (MFA) for your users. Security should always be balanced with usability, and not every recommendation will work for your environment.

How to find your Microsoft Secure Score

To find your Microsoft Secure Score, follow these steps:

1. Sign In to Microsoft 365: Go to the Microsoft 365 Admin Center and sign in with your admin credentials.
2. Navigate to the Security & Compliance Center: Once logged in, locate and click on the app launcher (the nine-dot grid icon in the upper left corner), and select “Admin.” In the Admin Center, expand the “All admin centers” menu and select “Security.”
3. Access Microsoft Secure Score: In the Security Center, look for the “Secure Score” option in the left-hand navigation menu. Click on it to open the Secure Score dashboard.

What is a good Microsoft Secure Score?

Microsoft Secure Score is a measurement of an organisation’s security posture, with a maximum score of 100. Secure Scores can vary depending on the size and complexity of the organisation, but a higher score indicates better adherence to security best practices.

Here are some guidelines for what might be considered a good score:

• Above 80%: This is generally considered excellent. Organisations with scores in this range have implemented most recommended security measures and are well-protected against common threats.

• 60%-80%: This range is still good and indicates a solid security posture. There might be room for improvement, but the organisation is likely taking security seriously.

• 40%-60%: This indicates a moderate level of security. While there are significant protections in place, there are also many opportunities for enhancement. Organisations in this range should prioritise improvements.

• Below 40%: This is typically seen as a low score and suggests that the organisation has considerable work to do in terms of security. Immediate action is recommended to address the most critical vulnerabilities.

The ideal score also depends on the industry and regulatory requirements. For instance, organisations in highly regulated sectors like finance or healthcare may aim for a higher secure score to comply with stringent security standards.

It’s important to regularly review and act on the recommendations provided by the Secure Score to improve and maintain a robust security posture.

How Cobweb can help

Our engineers can help guide you through your Microsoft Secure Score and carry out any remediation work to improve your score and security posture.  If you’d like to find out more, please get in touch by calling 03333234934 or by emailing hello@cobweb.com.