Microsoft Security Score is a free security tool that every organization can use to better understand and improve its security position against today’s advanced threats.
In this blog, I’ll provide a step-by-step guide on how to use, and get the most out of, this free tool to improve your organization’s security posture.
What Is Microsoft Security Score?
Microsoft Security Score (previously known as the Office 365 Security Score) is a free security utility for organizations with Office 365 and Windows Defender Advanced Threat Protection. The tool is designed to help you understand your security position, give you advice on what controls you should consider enabling, and help you understand how your score compares to other organizations.
It helps identify steps you can take to proactively reduce the attack surface for Office 365 and Windows (as long as you have Windows Defender ATP). By providing a score, the tool also benchmarks your success and progress in addressing potential security issues.
So, let’s jump in and look at how the Microsoft Security Score is calculated.
How is the Security Score Calculated?
As an administrator for your company’s Office 365 or Windows Defender Advanced Threat Protection, you can access Secure Score from the Security and Compliance Center or by navigating to securescore.microsoft.com.
Once logged in, your Secure Score summary is available for you in the top left side of the screen.
The Security Score in this screenshot is 791. It is the sum of the Office 365 and Windows scores.
The score is calculated based on the controls you can configure vs. what you have configured. Your Office 365 score plus your Windows score make up your Secure score.
NOTE: You will only see your Windows score if you have Windows Defender Advanced Threat Protection.
The numerator (highlighted in the yellow box) is the sum of the security controls that you fully or partially meet.
The denominator (highlighted in the yellow box) represents the number of points you can earn given the set of features you have available.
Secure Score also allows you to benchmark your organization against other organizations of a similar seat size across the entire service.
This diagram shows your organization’s score compared to similar-size organizations.
The Target Score can be higher than the denominator because it includes all controls whether you have access to them or not. The Target Score shows, for any given set of controls, what your score could be if you took those recommended actions.
You can also use the slider to adjust the Target Score to different levels: Basic, Balanced, and Aggressive. The number of Actions required decreases or increases based on the Target Score that you set.
Moving the “Target Score” slider to the left lowers the Target Score and lowers the number of Actions in the queue.
Moving the “Target Score” slider to the right raises the Target Score and increases the number of Actions in the queue.
You can filter controls by action such as User Impact and Implementation Cost. These actions will bring up controls based on how they affect the end users and the potential cost of enabling these controls.
Once filters are applied, the queue will display the controls that need to be adjusted to fulfill those requirements. Any control labeled “Not Scored” represents an Action that can be fulfilled, but for which Microsoft has not yet implemented point values. Taking the Action will improve security, and the points will be added later once Microsoft implements point values for that control.
You can expand each Action to see a quick description of the risk that the Action is attempting to mitigate.
The example above is an Action for enabling multi-factor authentication for all global admins. You may already have a third-party solution in place for this, which you have the option of selecting. By adding this third-party action, points will be added to your overall score.
Alternatively, you can opt out of the Action by selecting “Ignore”, and those points will be removed from your score denominator.
You can select “Learn More” to get an explanation of what Microsoft is telling you to do and the impact to your users.
You can take the Action to earn or increase points using the “Launch Now” option as shown above.
Note: All scores will be updated the next day after implementing suggested changes.
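The sketch below models how the numerator, denominator and Target Score ceiling described above react to “Ignore”, a third-party resolution, a “Not Scored” control and a control you have no access to. It is an added example, not Microsoft’s code: the Control class, the sample names and point values are constructed, and it assumes a third-party resolution earns a control’s full points.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Control:
    name: str
    max_points: int            # 0 models a "Not Scored" control
    earned: int = 0            # points for fully or partially meeting it
    available: bool = True     # False: feature not in your subscription
    ignored: bool = False      # admin selected "Ignore"
    third_party: bool = False  # resolved through a third-party solution

def points(c):
    # Assumption: a third-party resolution earns the control's full points.
    return c.max_points if c.third_party else min(c.earned, c.max_points)

def secure_score(controls):
    """Return (numerator, denominator, ceiling) for a list of controls."""
    counted = [c for c in controls if c.available and not c.ignored]
    numerator = sum(points(c) for c in counted)
    denominator = sum(c.max_points for c in counted)
    # The Target Score can reach past the denominator because it counts
    # every control, available or not.
    ceiling = sum(c.max_points for c in controls)
    return numerator, denominator, ceiling

def action_queue(controls):
    """Counted controls with points left to earn, largest gain first."""
    gaps = [(c.name, c.max_points - points(c))
            for c in controls if c.available and not c.ignored]
    return sorted((g for g in gaps if g[1] > 0), key=lambda g: -g[1])

# Constructed sample data: names and point values are illustrative only.
SAMPLE = [
    Control("MFA for all global admins", 50, third_party=True),
    Control("Review risky sign-ins report", 5, earned=5),
    Control("Partially met control", 10, earned=4),
    Control("Ignored control", 20, ignored=True),
    Control("Not Scored control", 0),
    Control("Windows control without Defender ATP", 30, available=False),
]

if __name__ == "__main__":
    print(secure_score(SAMPLE))
    restored = [replace(c, ignored=False) for c in SAMPLE]
    print(secure_score(restored), action_queue(restored))
```

Un-ignoring a control leaves the numerator unchanged but enlarges the denominator, so a habit of ignoring Actions raises the displayed ratio without reducing any risk.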
Points are awarded for viewing reports like “logins after multiple failures” and “risky sign-ins.” Using the Score Analyzer at the top of the dashboard helps you track your organization’s score over time vs. the overall Office 365 average for organizations like yours.
This graph displays your Office 365 Secure Score vs. the average Secure Score for other organizations.
The graph above can be exported so you can share the progress with the rest of your team.
Summary
Leveraging the Microsoft Secure Score is a useful supplement to any organization’s security practice. I hope this step-by-step guide helps give you a way to get started.