Describe the Microsoft Secure Score Benefits and Capabilities – Describe the Threat Protection Solutions of Microsoft 365

1 March, 2023 Kajol Ahluwalia 0 Comments 5 categories

Describe the Microsoft Secure Score Benefits and Capabilities

Microsoft 365 has several security features that can be configured in different ways, depending on an organization’s requirements. However, many organizations aren’t aware of all the settings, the order in which they need to be addressed, or how they might impact the user experience.

Additionally, organizations are faced with the following questions:

  • How can they understand the current security best practices?
  • How does their current deployment compare to the best practices?

Secure Score is a service included with Microsoft 365 that contains a list of security-focused features and configuration recommendations (each with a point value). It compares an organization’s current settings against the Microsoft-recommended best practices and assigns the tenant a score. Secure Score also allows organizations to understand their current security posture and determine which actions need to be taken to improve their current score. Microsoft Secure Score can be accessed through the Microsoft 365 Defender portal athttps://security.microsoft.com and can be seen in Figure 9.17:

Figure 9.17 – Microsoft Secure Score

Actionable areas are organized according to the following categories:

  • Identity
  • Data
  • Device
  • Apps

Figure 9.18 shows various recommended actions (formerly called improvement actions), sorted by category:

Figure 9.18 – Microsoft Secure Score recommended actions

Terminology update

The term Improvement actions has been replaced with Recommended actions in the Microsoft 365 Defender portal. The MS-900 exam may use either term.

For each recommended or improvement action, administrators can review a description and evaluate which attacks or risks it mitigates, the related compliance controls, and the impact of its implementation on users. The score is recalculated (typically after 48 hours) and the updated score is shown on the dashboard. The Secure Score dashboard provides links to the admin center where actions need to be taken. It also includes an acknowledgment toggle that lets organizations indicate whether they have implemented an action in a third-party system that isn’t tracked by Secure Score, thus allowing them to maintain an accurate score for their environment.

As organizations make changes over time, they can see the history of actions they’ve taken and the impact their modifications have had, as shown in Figure 9.19:

Figure 9.19 – Secure Score history

Microsoft recommends reviewing Secure Score controls and reports frequently to make sure you are implementing current best practices, enabling and configuring new security controls as features become available, and continuously improving the security of your Microsoft 365 deployment.

The Metrics & trends tab displays information about historical changes in your Secure Score as well as providing a comparison of how your score relates to other organizations of similar size or industry.

Category: Data lifecycle management, Microsoft 365 Lighthouse, Microsoft Defender for Endpoint, Microsoft MS-900, Priva Subject Rights Request

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts