Using Microsoft Secure Score to improve your security posture
Microsoft 365
To check your Secure Score, simply visit https://security.microsoft.com/securescore, and log in using your Microsoft 365 administrator account to view the results.
Why Use Microsoft Secure Score?
We recommend following these tips if you fall short of your industry’s benchmark but aim to improve your Secure Score.
So many times we see people getting fooled when they see a high or good enough number on their Secure Score, but in reality they have not yet integrated it with one of the most important piece of hardware they have: their users’ workstations. Workstations are one of the main entry points for hackers and can be easily compromised without the right protection.
Can an organisation just use one or the other to get an accurate reading of its security posture? Essential Eight is one security framework you can use to strengthen your security stance, but the Secure Score is built right into your Microsoft 365 platform. Both frameworks overlap to some degree, but they’re not 100% match for match because they focus on slightly different things.
Secure Score focuses more on prevention, and a lot of the solutions in the Microsoft Defender suite aid in helping organisations get to a better maturity level in Essential Eight. In contrast, Essential Eight focuses on recovery to ensure your business gets back on track when a cyber incident happens, which the Secure Score doesn’t look at.
We highly recommend using these two frameworks to reinforce your security, for example, by going through your Secure Score and using it for reference to prevent lateral movement in your network. Lateral movement is where an attacker gets access to a compromised admin account and goes deeper into your network in search of sensitive data or intellectual information. Using the least privilege and just-in-time domain admin access as much as possible would not only tick off the lateral problem but also pick up Microsoft Defender and some of the items in the Essential Eight maturity level. Without local admin credentials, compromised servers reduce significantly.
Microsoft Secure Score is a powerful tool to get an overview of your organisation’s current state of security posture along with the steps you can take to improve it. Combining it with an industry-recommended framework such as Essential Eight further fortifies your IT security strategy against evolving cyber threats.
Doing this could be tough for most organisations because not everyone has the expertise or time to do so, but you don’t have to do it alone. Partnering with a proven and skilled Microsoft 365 + Security partner like Total Solutions IT can help you achieve the best combination between a secure IT environment and a great user experience.
Contact us today to learn how to get your Secure Score reviewed or if you have other questions about this blog post.