Home

Office 365 Secure Score is now Microsoft Secure Score

The threat landscape is continually evolving and in talking with organizations we hear about the many challenges you face in managing your security position to protect against these threats. From having too many security solutions with various places to configure lots of controls, a lack of knowledge around which controls are the most effective, and being unable to benchmark yourself against other organizations, we can understand why security teams are having trouble finding the right balance of security and productivity while staying on top of everything.

 

With Office 365 Secure Score we made this easier by helping you understand your security position, giving you advice on what controls you should consider enabling, and helping you understand how your score compared to other organizations. We saw a lot of interest around Secure Score and a common piece of feedback we heard was that it was great that we were doing this for Office 365 but what about the other Microsoft solutions? Over the past few months we have been working on this and today Office 365 Secure Score is now Microsoft Secure Score. Microsoft Secure Score builds on top of what was in Office 365 Secure Score and adds even more.

 

One new feature you will notice as soon as you log in is the new Microsoft score which is made up of your Office 365 Secure Score and your Windows Secure Score. The Windows score come from Windows Defender Advanced Threat Protection (ATP) which provides information about the status of your antivirus, OS security updates, firewall, and other controls. To get the details of your Windows score, you can click on the “Windows Defender Security Center” link below your Windows score to go directly to the dashboard in Windows Defender ATP.

 

summary.png

Microsoft Secure Score Summary

 

Beyond adding Windows to Secure Score, we also now support Microsoft Intune. This surfaces though the existing mobile device management (MDM) controls.   Previously we used the telemetry from the Office 365 MDM solution. However, we know that some of you are using Intune and were clicking on the Third Party button to give yourself points as you were meeting the spirit of these controls. This will no longer be necessary. If you are using Intune, we recommend that you remove the third party tag from these controls so they can be scored based on your Intune data.

 

Lastly, we heard from many organizations that they loved the compare your score section where we show how you benchmark against the Office 365 average score and the recently added Office 365 seat size average score. What they also wanted to see was a score based on organizations in the same industry. This new industry average is now rolling out and should be available to everyone by April 20th. Based on what industry you designate in the Service Assurance section of the Office 365 Security and Compliance Center we will show you the average score for that industry. Note that if you change your industry designation, the new average will not appear until your score is recalculated.

 

comparefinal.png

Industry average score to help you better benchmark your organization

 

This is just the first step in building out Microsoft Secure Score. Over the coming months we will continue to add new functionality and add additional solutions to provide you an even better experience.

 

To try out Microsoft Secure Score now you can go to https://securescore.microsoft.com and log in with your administrative credentials or click on the Secure Score widget on the Office 365 Security and Compliance Center home page. We also created a new Microsoft Mechanics video that can give you a quick overview of the solution if you have not used Secure Score before.

 

 

As always, the team loves the feedback and comments so feel free to leave them below. If you happen to be at the RSA conference in San Francisco this week swing by the Microsoft booth to say hi and check out the sessions we are running.

7 Comments
Senior Member

Hi,

 

please provide a score for conditional MFA enable settings.

Today the score is limited for fully MFA enforce only.

 

Regards

Itzik 

Hi Itzik,

 

Thanks for the feedback.  We have heard this from many people and based on demand we have this on our list of controls to enable.  This should go live in the next few months.

New Contributor

We have a security team that would like to access this but we dont give them admin rights and it seems there is no way to give anyone access to Secure Score without letting them make changes.

Is there a secret way of giving non-administrators access?

Hi Peter,

 

You can give them Security Reader access in the Office 365 Security and Compliance Center and they should get access to Secure Score.

New Contributor

Sadly that doesn’t seem to work

We have also tried the Security Administrator and Compliance Administrator roles but they still cant access the page.

Hi Peter,

 

Sorry about that.  I tried myself and got the same issue.  I have asked the engineering team to look at this, but I found a quick workaround.  Grant the account security reader rights in Azure Active Directory.  When I did this it worked. 

 

Info on how to do that is here.

Senior Member

Anthony,

 

thank you for the previous answer. I see one major missing feature with the great Office365 secure score product.

in the "Score Analyzer" and "compare score" we would like to get full information and audit who changed the configuration and reduced/increased the score.

 

let's say admin X cancel the MFA for all admins, we will see it in the score analyzer while investigating why the secure score was reduced but we won't see who was the admin that changed that configuration.

 

Regards

Itzik