cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Secure Score - Define headings in Control List Export

william white
New Contributor

‎Sep 20 2018 07:53 AM - last edited on ‎May 24 2021 03:04 PM by

‎Sep 20 2018 07:53 AM - last edited on ‎May 24 2021 03:04 PM by

Secure Score - Define headings in Control List Export

Is there a document that describes each of the columns included in the Control List Export (CSV) from Secure Score?

Most are obvious, but some (Control Type, Category. Workload, Tier, Threats, Enablement) could use some explanation to help me determine how to use them.

1,380 Views
0 Likes
3 Replies
Reply
3 Replies
Anthony Smith (A.J.)

‎Sep 20 2018 02:08 PM

‎Sep 20 2018 02:08 PM

Re: Secure Score - Define headings in Control List Export

Hi William,

 

There is not a definition file, but if you let me know which ones you have questions on I will be happy to answer.

0 Likes
Reply
william white

‎Sep 26 2018 12:07 PM

‎Sep 26 2018 12:07 PM

RE: Secure Score - Define headings in Control List Export

OK I want clarification on the following headers: Control Type (Config, Review, Behavior) Action Category (Data, Device, Identity) This one in particular - Workload (AzureAD, IO, EXO, OD4B, Intune, IP, SFB, SPO) Tier (Core, Advanced, Defense in Depth) Rank (can I assume that the lower the number, the higher the rank of this particular control? Does a higher rank assume it is more important? Thanks
0 Likes
Reply
best response confirmed by Deleted
Anthony Smith (A.J.)

‎Oct 01 2018 02:35 PM

‎Oct 01 2018 02:35 PM

Solution

Re: RE: Secure Score - Define headings in Control List Export

Hi William,

 

Under control type, config is about making a configuration change like enabling MFA for your admins.  Review is for looking at reports.  Behavior is for controls that are more about changing the demeanor of how organization approaches security.  For example, designate more than one global admin or using IRM to protect documents.

 

Action category is for understanding what the control helps protect.  For example, many of the Azure AD controls are tagged as identity and the MDM controls are tagged as device.  Expect the use of this to grow as we are going to move away from the workload scores and go to using the category.  You can get more info on that here.

 

Workload is the acronym for the Microsoft solution that the control resides in.  EXO is short for Exchange Online, OD4B is OneDrive for Business, SFB is Skype for Business, SPO is SharePoint Online, IP is Information Protection (which is more of a category then a solution), Azure AD is Azure Active Directory, MCAS is Microsoft Cloud App Security, and Intune is our enterprise MDM solution.

 

Rank is what we used to order the recommendations of controls in the Take Action, Improve Your Microsoft Secure Score section.  For example, enabling MFA for privileged roles will always be first unless you have the full set of points.

 

Tier is for understanding the distinction between a high value, low user impact control, and a moderate value, moderate user impact control. Core is stuff that most every organization should be able to do. Defense in Depth will require more analysis to determine the impact on your organization. Advanced is for organizations that have discrete security needs that they are willing to pay for premium products.

0 Likes
Reply