Beginner’s guide to Microsoft 365 Secure Score

According to a recent government study, two in five businesses in the UK have reported having experienced cybersecurity breaches or attacks in the last 12 months. Of these, one in five respectively ended up losing money, data or other assets. With cybercrime at an all-time high, it’s become increasingly important for organisations to understand how their security measures up.

Thankfully, by having Microsoft in your corner, you’re already half of the way there. As part of their $1bn annual investment in security, Microsoft has created the Microsoft Secure Score – a security tool that helps you measure and understand your organisation’s security posture.

So, what exactly is your Microsoft 365 Secure Score?

Check out this short clip from one of our Secure Score webinars, where we give a quick overview of what the Microsoft Secure Score is:

As a Microsoft 365 user, you’ll have access to a Secure Score that’s located within your Security Centre. Your Secure Score dashboard gives you access to robust visualisations of metrics, trends, integration with Microsoft products, score comparison with similar organisations, and much more. Your overall score is displayed as a percentage, with a higher number indicating a stronger security posture. Pretty straight forward, huh?

In a nutshell, your Secure Score helps you:

• Report on the current state of your organisation’s security posture.
• Improve your security posture by providing you with discoverability, visibility, guidance, and control.
• Compare your organisation’s security with industry benchmarks and establish security key performance indicators (KPIs).

How to start improving your Microsoft Secure Score

Alongside your score, you’ll have a list of recommended actions that can help improve your security rating. The recommendations will highlight the maximum score you’re able to achieve for each control and how those improvements could potentially increase your overall Secure Score. Thus, allowing you to identify which improvements will have the biggest impact on your overall security. It’ll also show you the number of resources affected by each control and each resource’s impact on your overall score.

You’re given points for the following actions:

• Configuring recommended security features
• Doing security-related tasks
• Addressing the improvement actions with a third-party application or software, or an alternate mitigation

So, how exactly is your score calculated? Your Secure Score considers your entire Microsoft security set-up and analyses which controls you’ve enabled and set up. The percentage itself is calculated using the formula below. You can find out more about how this is calculated on Microsoft’s website.

Whilst Microsoft provides a list of recommended improvements along with the impact they will have on your overall score, these improvements are simply based on best practices and won’t always be the best option for your business. It is therefore important that you really take some time to interpret the recommendations in the context of your business or speak to an expert about it (Psst… That’s us!).