Home
%3CLINGO-SUB%20id%3D%22lingo-sub-616876%22%20slang%3D%22en-US%22%3EIdentity%20Secure%20Score%20is%20now%20generally%20available!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-616876%22%20slang%3D%22en-US%22%3E%3CP%3EHowdy%20folks%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EGetting%20security%20right%20and%20protecting%20your%20identities%20can%20be%20hard.%20Knowing%20what%20guidance%20you%20should%20follow%2C%20the%20actions%20you%20should%20take%2C%20and%20even%20knowing%20what%20products%20you%20should%20use%20is%20often%20complex%20and%20difficult%20to%20navigate.%20That%E2%80%99s%20why%20at%20%3CA%20href%3D%22https%3A%2F%2Fazure.microsoft.com%2Fresources%2Fvideos%2Fignite-2018-staying-secure-with-azure-ad-and-microsoft-secure-score%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EIgnite%20last%20year%3C%2FA%3E%2C%20we%20announced%20the%20public%20preview%20of%20Identity%20Secure%20Score%20to%20help%20you%20improve%20your%20identity%20security%20posture.%20Today%2C%20I%E2%80%99m%20excited%20to%20announce%20that%20Identity%20Secure%20Score%20is%20now%20generally%20available!%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMany%20of%20you%20are%20already%20using%20Identity%20Secure%20Score%20to%20increase%20visibility%20and%20control%20over%20your%20company%E2%80%99s%20security%20posture.%20It%E2%80%99s%20super%20cool%20to%20see%20our%20customers%20use%20this%20tool%20to%20make%20improvements%20in%20their%20security.%20Thanks%20to%20everyone%20who%20provided%20feedback%20during%20our%20public%20preview%2C%20we%E2%80%99ve%20taken%20the%20input%20and%20I%20hope%20you%E2%80%99ll%20like%20the%20changes%20we%20made.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId-1563694427%22%20id%3D%22toc-hId-1563716313%22%20id%3D%22toc-hId-1563716313%22%20id%3D%22toc-hId-1563716313%22%20id%3D%22toc-hId-1563716313%22%20id%3D%22toc-hId-1563716313%22%20id%3D%22toc-hId-1563716313%22%3E%3CSPAN%3EIdentity%20Secure%20Score%26nbsp%3Boverview%3C%2FSPAN%3E%3C%2FH3%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%3EIdentity%20Secure%20Score%26nbsp%3Bprovides%20organizations%20with%20increased%20visibility%20and%20control%20over%20their%20security%20posture%20by%20discovering%20opportunities%20that%20will%20help%20to%20improve%20security%20across%20your%20organization.%20These%20opportunities%20are%20surfaced%20as%20recommendations%2C%20which%20are%20coupled%20with%20the%20guidance%20and%20the%20workflows%20necessary%20to%20help%20security%20administrators%20implement%20each%20recommendation.%20The%20more%20improvements%20you%20make%2C%20the%20more%20your%20identity%20security%20posture%20improves%E2%80%94increasing%20your%20identity%20secure%20score!%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F114431i6AD292F438908755%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Identity%20Secure%20Score%201.png%22%20title%3D%22Identity%20Secure%20Score%201.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20good%20news%20is%20that%20we%20have%20an%20Identity%20Secure%20Score%20calculated%20and%20waiting%20for%20you.%20To%20see%20your%20tenants%20Identity%20Secure%20Score%2C%20just%20head%20over%20to%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ethe%20Azure%20portal%3C%2FA%3E%2C%20sign%20in%20with%20a%20global%20admin%2C%20security%20admin%2C%20or%20security%20reader%20account%2C%20and%20then%20navigate%20to%20Identity%20Secure%20Score%20in%20the%20Azure%20AD%20section.%20Along%20with%20this%20score%20you%E2%80%99ll%20instantly%20be%20able%20to%20see%20how%20your%20tenant%20compares%20to%20others%20in%20your%20same%20industry%20and%20size.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId--988462534%22%20id%3D%22toc-hId--988440648%22%20id%3D%22toc-hId--988440648%22%20id%3D%22toc-hId--988440648%22%20id%3D%22toc-hId--988440648%22%20id%3D%22toc-hId--988440648%22%20id%3D%22toc-hId--988440648%22%3EImprove%20your%20Identity%20Secure%20Score%3C%2FH3%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESo%20how%20do%20you%20improve%20your%20Identity%20Secure%20Score%3F%20Our%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity%2Fazure-ad-secure-steps%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Etop%20recommendations%3C%2FA%3E%20to%20is%20to%20protect%20your%20privileged%20accounts%20with%20Multi-Factor%20Authentication%20(MFA).%20%26nbsp%3BUsers%20with%20highly%20privileged%20access%20should%20be%20treated%20with%20special%20care%20and%20require%20higher%20level%20of%20authentication%20all%20the%20time.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EJump%20in%20and%20walk%20through%20how%20you%20can%20use%20Identity%20Secure%20Score%20to%20make%20this%20change%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EWithin%20Identity%20Secure%20Score%2C%20select%20the%20%3CSTRONG%3ERequire%20MFA%20for%20Azure%20AD%20privileged%20roles%3C%2FSTRONG%3E%3C%2FLI%3E%0A%3CLI%3ERead%20through%20the%20%3CSTRONG%3EDescription%3C%2FSTRONG%3E%2C%20%3CSTRONG%3EWhat%20am%20I%20about%20to%20change%3F%3C%2FSTRONG%3E%20and%20%3CSTRONG%3EHow%20it%20will%20affect%20my%20users%3F%20%3C%2FSTRONG%3Esections.%20%3CBR%20%2F%3EThese%20sections%20explain%20why%20the%20action%20is%20recommended%2C%20the%20steps%20needed%20to%20take%20action%20and%20improve%20your%20security%20posture%2C%20and%20the%20impact%20it%20will%20have%20to%20your%20users%20or%20company.%3C%2FLI%3E%0A%3CLI%3ELastly%2C%20click%20%3CSTRONG%3EGet%20Started%3C%2FSTRONG%3E%2C%20which%20directs%20you%20to%20the%20location%20where%20the%20instructed%20changes%20are%20needed.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F114432iD49EA330BE2090B3%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Identity%20Secure%20Score%202.png%22%20title%3D%22Identity%20Secure%20Score%202.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EOnce%20you%E2%80%99ve%20implemented%20the%20guidance%20in%20the%20improvement%20action%2C%20it%20may%20take%20up%20to%2048%20hour%20for%20the%20awarded%20points%20show%20up%20in%20your%20tenants%20Identity%20Secure%20Score.%20While%20you%E2%80%99re%20waiting%20for%20your%20Identity%20Secure%20Score%20to%20increase%2C%20look%20all%20the%20other%20recommendations%20on%20how%20you%20can%20improve%20your%20security%20posture.%20The%20good%20news%20is%20that%20any%20Identity%20Secure%20Score%20improvement%20action%20satisfied%20here%20also%20shows%20up%20in%20your%20overall%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Foffice365%2Fsecuritycompliance%2Fmicrosoft-secure-score%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EMicrosoft%20Secure%20Score%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20you%20are%20all%20about%20API%E2%80%99s%20and%20want%20to%20integrate%20Identity%20Secure%20Score%20improvement%20actions%20into%20another%20product%20or%20service%2C%20such%20as%20your%20security%20information%20and%20event%20management%20(SIEM)%20or%20integrate%20into%20a%20custom%20dashboard%2C%20head%20over%20to%20the%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fgraph%2Fapi%2Fresources%2Fsecurity-api-overview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EMicrosoft%20Security%20Graph%20API%20documentation%3C%2FA%3E%20and%20learn%20how%20you%20can%20get%20full%20access%20to%20your%20secure%20score%20data.%20%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYour%20identity%20security%20journey%20doesn%E2%80%99t%20stop%20here.%20We%E2%80%99re%20excited%20to%20keep%20investing%20in%20Identity%20Secure%20Score%20with%20more%20improvement%20actions%20and%20guidance%20on%20how%20to%20use%20the%20Microsoft%20services%20you%20use%20today.%20So%20be%20on%20the%20lookout%20for%20new%20recommendations%20in%20the%20portal%20and%20remember%20to%20check%20your%20Identity%20Secure%20Score%20for%20guidance%20on%20how%20you%20can%20continually%20grow%20your%20identity%20security%20posture.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20you%20have%20questions%20or%20comments%2C%20please%20feel%20free%20to%20reach%20out%26nbsp%3Bto%26nbsp%3Bus%20on%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ffeedback.azure.com%2Fforums%2F169401-azure-active-directory%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20AD%20UserVoice%3C%2FA%3E.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBest%20regards%2C%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAlex%20Simons%20(%3CA%20href%3D%22https%3A%2F%2Ftwitter.com%2FAlex_A_Simons%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%40Alex_A_Simons%3C%2FA%3E%E2%80%AF)%26nbsp%3B%3C%2FP%3E%0A%3CP%3ECorporate%20VP%20of%20Program%20Management%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMicrosoft%20Identity%20Division%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-616876%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20excited%20to%20announce%20that%20Identity%20Secure%20Score%20is%20now%20generally%20available!%26nbsp%3B%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20702px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F114430iE05F2DB018E92045%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Identity%20Secure%20Score%20teaser.png%22%20title%3D%22Identity%20Secure%20Score%20teaser.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-616876%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Active%20Directory%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20and%20Access%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-627554%22%20slang%3D%22en-US%22%3ERe%3A%20Identity%20Secure%20Score%20is%20now%20generally%20available!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-627554%22%20slang%3D%22en-US%22%3E%3CP%3EMaybe%20this%20should%20be%20consolidated%20into%20Microsoft%20Secure%20Score.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-756839%22%20slang%3D%22en-US%22%3ERe%3A%20Identity%20Secure%20Score%20is%20now%20generally%20available!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-756839%22%20slang%3D%22en-US%22%3ECan%20someone%20point%20me%20in%20the%20right%20direction%20on%20where%20to%20find%20information%20on%20pulling%20Secure%20Score%20data%20from%20Azure.%20I'm%20able%20to%20pull%20Secure%20Score%20information%20for%20O365%20via%20Graph%20but%20haven't%20been%20able%20to%20find%20an%20API%20to%20access%20Secure%20Score%20data%20%22from%22%20the%20Azure%20Security%20Center%20(%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_Azure_Security%2FSecurityMenuBlade%2F23%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_Azure_Security%2FSecurityMenuBlade%2F23%3C%2FA%3E)%3F%20Thanks%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-829993%22%20slang%3D%22en-US%22%3ERe%3A%20Identity%20Secure%20Score%20is%20now%20generally%20available!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-829993%22%20slang%3D%22en-US%22%3E%3CP%3Eplease%20fix%20the%20critical%20secure%20score%20issue%20for%20us%20using%20Conditional%20Access.%20Secure%20Score%20doesn't%20recognize%20this%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20NOT%20getting%20Secure%20Score%20credits%20for%20all%20MFA%20recommendations%20-%20for%20example%3A%26nbsp%3B%3CSPAN%3ERequire%20MFA%20for%20Azure%20AD%20privileged%20roles%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20find%20this%20very%20funny%2C%20when%20the%20actual%20'how%20to%20fix'%20recommends%20using%20conditional%20access%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E

Howdy folks,

 

Getting security right and protecting your identities can be hard. Knowing what guidance you should follow, the actions you should take, and even knowing what products you should use is often complex and difficult to navigate. That’s why at Ignite last year, we announced the public preview of Identity Secure Score to help you improve your identity security posture. Today, I’m excited to announce that Identity Secure Score is now generally available! 

 

Many of you are already using Identity Secure Score to increase visibility and control over your company’s security posture. It’s super cool to see our customers use this tool to make improvements in their security. Thanks to everyone who provided feedback during our public preview, we’ve taken the input and I hope you’ll like the changes we made.

 

Identity Secure Score overview

 

Identity Secure Score provides organizations with increased visibility and control over their security posture by discovering opportunities that will help to improve security across your organization. These opportunities are surfaced as recommendations, which are coupled with the guidance and the workflows necessary to help security administrators implement each recommendation. The more improvements you make, the more your identity security posture improves—increasing your identity secure score! 

 

Identity Secure Score 1.png

 

The good news is that we have an Identity Secure Score calculated and waiting for you. To see your tenants Identity Secure Score, just head over to the Azure portal, sign in with a global admin, security admin, or security reader account, and then navigate to Identity Secure Score in the Azure AD section. Along with this score you’ll instantly be able to see how your tenant compares to others in your same industry and size.

 

Improve your Identity Secure Score

 

So how do you improve your Identity Secure Score? Our top recommendations to is to protect your privileged accounts with Multi-Factor Authentication (MFA).  Users with highly privileged access should be treated with special care and require higher level of authentication all the time.

 

Jump in and walk through how you can use Identity Secure Score to make this change:

 

  1. Within Identity Secure Score, select the Require MFA for Azure AD privileged roles
  2. Read through the Description, What am I about to change? and How it will affect my users? sections.
    These sections explain why the action is recommended, the steps needed to take action and improve your security posture, and the impact it will have to your users or company.
  3. Lastly, click Get Started, which directs you to the location where the instructed changes are needed.

Identity Secure Score 2.png

 

Once you’ve implemented the guidance in the improvement action, it may take up to 48 hour for the awarded points show up in your tenants Identity Secure Score. While you’re waiting for your Identity Secure Score to increase, look all the other recommendations on how you can improve your security posture. The good news is that any Identity Secure Score improvement action satisfied here also shows up in your overall Microsoft Secure Score.

 

If you are all about API’s and want to integrate Identity Secure Score improvement actions into another product or service, such as your security information and event management (SIEM) or integrate into a custom dashboard, head over to the Microsoft Security Graph API documentation and learn how you can get full access to your secure score data.  

 

Your identity security journey doesn’t stop here. We’re excited to keep investing in Identity Secure Score with more improvement actions and guidance on how to use the Microsoft services you use today. So be on the lookout for new recommendations in the portal and remember to check your Identity Secure Score for guidance on how you can continually grow your identity security posture.

 

If you have questions or comments, please feel free to reach out to us on Azure AD UserVoice

 

Best regards, 

 

Alex Simons (@Alex_A_Simons ) 

Corporate VP of Program Management 

Microsoft Identity Division 

3 Comments
Super Contributor

Maybe this should be consolidated into Microsoft Secure Score.

Occasional Visitor
Can someone point me in the right direction on where to find information on pulling Secure Score data from Azure. I'm able to pull Secure Score information for O365 via Graph but haven't been able to find an API to access Secure Score data "from" the Azure Security Center (https://portal.azure.com/#blade/Microsoft_Azure_Security/SecurityMenuBlade/23)? Thanks

please fix the critical secure score issue for us using Conditional Access. Secure Score doesn't recognize this 

We are NOT getting Secure Score credits for all MFA recommendations - for example: Require MFA for Azure AD privileged roles

 

I find this very funny, when the actual 'how to fix' recommends using conditional access