
How to Use the Microsoft Secure Score – A Step by Step Guide

Posted by Justin Quinn on Feb 12, 2019

Microsoft Security Score is a free security tool that every organization can use to better understand and improve its security position against today’s advanced threats.

In this blog, I’ll provide a step-by-step guide on how to use, and get the most out of, this free tool to improve your organization’s security posture.

What Is Microsoft Security Score?

Microsoft Security Score (previously known as the Office 365 Security Score) is a free security utility for organizations with Office 365 and Windows Defender Advanced Threat Protection. The tool is designed to help you understand your security position, advise you on which controls you should consider enabling, and show how your score compares to other organizations.

It helps identify steps you can take to proactively reduce the attack surface for Office 365 and Windows (as long as you have Windows Defender ATP). By providing a score, the tool also benchmarks your success and progress in addressing potential security issues.

So, let’s jump in and look at how the Microsoft Security Score is calculated.

How is the Security Score Calculated?

As an administrator for your company’s Office 365 or Windows Defender Advanced Threat Protection, you can access Secure Score from the Security and Compliance Center or by navigating to securescore.microsoft.com.

Once you are logged in, your Secure Score summary appears at the top left of the screen.

  The Security Score in this screenshot is 791. It is the sum of the Office 365 and Windows scores.

The score is calculated based on the controls you can configure vs. what you have configured. Your Office 365 score plus your Windows score make up your Secure score.

NOTE: You will only see your Windows score if you have Windows Defender Advanced Threat Protection.

The numerator (highlighted in the yellow box) is the sum of the security controls that you fully or partially meet.

Microsoft Security Score Highlighting the Numerator

The denominator (highlighted in the yellow box) represents the number of points you can earn given the set of features you have available.

Microsoft Security Score Highlighting the Denominator

Secure Score also allows you to benchmark your organization against other organizations of a similar seat size across the entire service.

Microsoft Security Score highlighting your score compared to other similar organizations.

This diagram shows your organization’s score compared to similar-size organizations.

The Target Score can be higher than the denominator because it includes all controls whether you have access to them or not. For any given set of controls, the Target Score shows what your score could be if you took those recommended actions.

Microsoft Security Score Highlighting the slider to different levels: Basic, Balanced, and Aggressive

You can also use the slider to adjust the Target Score to different levels: Basic, Balanced, and Aggressive. The number of Actions required decreases or increases based on the Target Score that you set.

Moving the “Target Score” slider to the left lowers the Target Score and lowers the number of Actions in the queue.

Moving the “Target Score” slider to the right raises the Target Score and increases the number of Actions in the queue.

You can filter controls by attributes such as User Impact and Implementation Cost. These filters bring up controls based on how they affect end users and the potential cost of enabling them.

Microsoft Security Score Highlighting Filters – User Impact and Implementation Cost

Once filters are applied, the queue displays the controls that need to be adjusted to fulfill those requirements. Any control labeled “Not Scored” represents an Action that can be fulfilled but to which Microsoft has not yet assigned points. Taking the Action will improve security, and the points will be added later once Microsoft implements point values for that control.

Microsoft Security Score highlighting a queue that displays controls that need to be adjusted

You can expand each Action to see a quick description of the risk that the Action is attempting to mitigate.

Microsoft Security Score highlighting a description of a risk that the Action is attempting to mitigate.

The example above is an Action for enabling multi-factor authentication for all global admins. You may already have a third-party solution in place for this, which you have the option of selecting. By adding this third-party action, points will be added to your overall score.


Alternatively, you can opt out of the Action by selecting “Ignore”, and those points will be removed from your score denominator.
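The scoring rules described so far (numerator, denominator, Target Score ceiling, "Not Scored", third-party and Ignore) can be modeled in a few lines. This is an added example, not Microsoft's implementation or code from the original post: the control names, point values and field names are constructed, and full credit for a third-party resolution and a ceiling that counts every control are assumptions based on the description above.

```python
from dataclasses import dataclass, replace
@dataclass
class Action:
    name: str
    max_points: int            # 0 models a "Not Scored" control
    earned: int = 0            # partial credit is allowed
    available: bool = True     # False: feature not in your subscription
    ignored: bool = False      # "Ignore" was selected
    third_party: bool = False  # covered by a third-party solution
    user_impact: str = "Low"
    cost: str = "Low"

def secure_score(actions):
    """Return (numerator, denominator, total over all controls)."""
    num = den = total = 0
    for a in actions:
        total += a.max_points          # counted whether accessible or not
        if a.ignored or not a.available:
            continue                   # removed from the denominator
        den += a.max_points
        num += a.max_points if a.third_party else min(a.earned, a.max_points)
    return num, den, total

def queue(actions, user_impact=None, cost=None):
    """Open actions matching the filters, largest point gain first."""
    rows = []
    for a in actions:
        gain = a.max_points - min(a.earned, a.max_points)
        done = a.third_party or (a.max_points > 0 and gain == 0)
        if a.ignored or not a.available or done:
            continue
        if user_impact in (None, a.user_impact) and cost in (None, a.cost):
            rows.append((a.name, gain))  # "Not Scored" stays listed, gain 0
    return sorted(rows, key=lambda r: -r[1])

def with_change(actions, name, **change):
    return [replace(a, **change) if a.name == name else a for a in actions]

ACTIONS = [  # constructed sample data, not real point values
    Action("MFA for global admins", 50),
    Action("MFA for all users", 30, earned=10, user_impact="Moderate"),
    Action("Enable audit data recording", 15, earned=15),
    Action("Review risky sign-ins report", 5),
    Action("Windows Defender ATP control", 40, available=False),
    Action("Not Scored control", 0),
]

if __name__ == "__main__":
    print(secure_score(ACTIONS), queue(ACTIONS, user_impact="Low"))
```

Ignoring an Action shrinks the denominator without changing the numerator, so the ratio improves while the underlying risk stays in place; that is worth checking before treating a higher percentage as progress.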

You can select “Learn More” to get an explanation of what Microsoft is telling you to do and the impact to your users.

Microsoft Security Score highlighting ”Learn More” help.

You can take the Action to earn or increase points using the Launch Now option, as shown above.

Note: All scores will be updated on the next day after implementing suggested changes.

Points are awarded for viewing reports like “logins after multiple failures” and “risky sign-ins.” Using the Score Analyzer at the top of the dashboard helps you track your organization’s score over time vs. the overall Office 365 average for organizations like yours.

Microsoft Security Score highlighting Score Analyzer.

 

Microsoft Security Score highlighting a graph that displays your Office 365 Secure Score vs. the average Secure Score for other organizations

This graph displays your Office 365 Secure Score vs. the average Secure Score for other organizations.

The graph above can be exported so you can share the progress with the rest of your team.

Summary

Leveraging the Microsoft Secure Score is a useful supplement to any organization’s security practice. I hope this step-by-step guide gives you a way to get started. Please use the comments section below to ask me any questions, and I’ll be happy to help.

Tags: Security Operations Center, SOC Services, Microsoft Secure Score, the Office 365 and Windows scores, Score Analyzer, Free Security Tool
