Security should be a priority no matter the size of your business. Microsoft has recognised how hard it is to work out the strength of your security and has come up with a Secure Score measurement in its 365 Defender dashboard. But what is Secure Score, and how does it help your business? This article aims to explains the basics.

Secure Score measures your security posture within M365. It reviews your activity and security settings against Microsoft’s best practices and identifies areas to enhance protection and provide suggestions.

In the Defender dashboard (https://security.microsoft.com/), administrators can see their current security score. The score considers all Microsoft identities, apps and devices. While a score of 100% is the ultimate aim, Microsoft cautions that you should balance increased security against user experience.

Secure Score Recommendations

What percentage figures should you be aiming for in your M365 tenant?

Anything below 60% shows that best practices have not been applied. Around 60% indicates that the tenant has been configured with basic security features enabled.

You should be aiming for around the 80% mark, but keep in mind user experience and the fact that your current licensing may not allow for certain settings to be changed.

A 100% score is the ultimate aim, but this may require sacrifices to how you use your systems and also the last few settings required can be fiddly and time consuming to implement when compared to the benefits.

How To Improve Your Secure Score?

Within the portal are recommendations on how to improve your score considering security best practices. Secure Store currently offers recommendations for:

• Microsoft 365.
• Exchange Online.
• Azure Active Directory.
• Microsoft Defender for Endpoint, Identity, and Cloud Apps.
• Microsoft Teams.

Note that the score does not measure the likelihood of a system or data breach. Instead, it looks at security-related measurements such as system configurations and user settings.

Microsoft not only lists security recommendations but can help you track your action plan. They share the prerequisites and provide step-by-step advice to complete improvement actions. You can report on status (e.g. planned, risk accepted, resolved through third party, and complete). Rankings also help you gauge implementation difficulty, user impact, and complexity.

Scoring Security with Microsoft

The more settings you make and improvement action you take, the higher your score. For example, you are given points for things such as:

• configuring recommended security features.
• doing security-related tasks.
• addressing suggested improvements with a third-party application or software, or alternate mitigation.

Microsoft Secure Score also compares your metrics with scores for similar sized organisations. The data is anonymous, but within the Metrics & Trends tab, you can view how your score compares to others.

Raising Your Secure Score

How can you have an immediate impact on your Secure Score? These three steps can boost your organization’s security:

1. Enable multi-factor authentication on both your administrator and normal user accounts.
2. Enable audit and log tracking in Exchange Online.
3. Set up Azure Active Directory to track, log, alert, and remediate and better protect sensitive data and information.

Our IT experts have improved the Secure Score for many clients both within Australia and also around the world. If you need help to improve your score, please contact us today.