Microsoft Secure Score: Your Gateway to Security in the Cloud

If you said yes…how do you know?  If you said no, then I can help you with that as well.  Either way, your Secure Score is the answer!


Today’s ever-evolving threats can be dangerous to companies of any size and understanding your organization’s current security posture is a crucial line of defense to protect against these threats.


So, what is Microsoft ‘Secure Score?’


Your Microsoft Secure Score is a measure of your organization’s current security configurations across Office 365 products and apps and how well aligned they are with Microsoft’s best security practices.  You are given a score and a list of recommended improvement actions to help you reach your max score.  Don’t worry if your score is different from another company’s as the score is reflective only of your specific environment.  Find your score in the Microsoft 365 security center, under Secure Score.


This is what it looks like:


Is my Secure Score really that important?


Yes!  Security in the cloud needs to have the same serious considerations that you would put toward locking your front door every night.  Every cloud-based solution is at risk to various malware and cyber-attacks, so it’s no longer acceptable to put security on the back-burner.  Not only does your Secure Score show how vulnerable your data and Office 365 environment are, it highlights a path you can take to improve your score and your company’s security.  If anything, it will provide peace of mind for you and your stakeholders knowing that you’re doing everything you can to keep data safe.


So how can I use this score to strengthen my security?


Microsoft Secure Score makes it super easy to prioritize security with an easy to use interface that’s full of information specific to your environment.  Every improvement action has a detailed list of steps you can take to implement the suggestion.  Here you will see any license prerequisites that are needed, what the user impact will be, which users will be affected, and your current implementation status.

How does my score stack up against other organizations?


If you’re like me, your eyes quickly jump to the comparison chart which looks like this:

I can already hear you, “My Score is above average, so I don’t need to waste time reviewing these improvements.”


Wrong!  Just because your company’s score is above average doesn’t mean there are no improvements you can make to strengthen your security.  A good example of this is having too many Global Admins in Office 365.  Microsoft recommends between 2 and 4 global admins, because the more global admins you have, the more likely it is that one of those accounts will be breached.  Even though this particular action may only be a small percentage of your overall score, it can pose a security risk that is worth mitigating.  Therefore, it is crucial to review all the suggested improvements to see how you can better protect your company’s assets.


The key lesson here:


Focus less on the number and more on the vulnerabilities in your current security configuration.


So, I’ve taken action on many improvements, but my score is still far below the max.


Relax!  This is normal for almost every organization, as reaching the maximum score is not always possible with your current Office 365 setup.  The most significant aspect of this score is the visibility and awareness into these items to begin with, so ensuring that you have addressed all of the improvements suggested is far more important than your score.  Whether you decide to implement these suggestions fully, partially, or not at all, always remember that the whole point of this is to make you conscious about the security of your environment.


Keeping track of your improvements


Secure Score makes it easy for you to track the progress of your score. With the History and Metrics & Trends tabs, you can follow graphs that show whether your score has improved or regressed in the past 90 days.  In addition, it displays the action as to why your score has changed and the number of points affected by that change.

To summarize:
  • Microsoft Secure Score is a great tool available to measure your organization’s current Office 365 security strategy and to learn how you can take future steps toward improving security.
  • Stay protected from today’s threats by reviewing the improvement actions suggested and tailored for your environment.
  • Remember, it’s not so much about the number as it is reviewing the suggested improvements and the implementation of each and every recommendation to see how you can improve.
  • Track your progress as Secure Score continues to assess your settings and provide different opportunities for you.
  • Check your score often as Microsoft continues to make updates that may offer new insights!


I hope this has provided some insights about how you can gain visibility into the security of your Office 365 environment.  Ensure your organization’s data is safe by acting now so you can achieve peace of mind!

Elliot Etter

Elliot is a Service Desk Associate here at Cloudforce and has always been fascinated with the world of IT. His eyes glowing brighter than the very first LED he programmed to flash on and off with a Raspberry Pi, he knew as a kid that his future career was going to be with tech. Elliot is currently expanding his knowledge of the Cloud and holds certifications for the MS-900, AZ-900, and 98-365 exams.

Recommended for you.