Microsoft Secure Score
Leverage Industry Best Practices To Enhance Your Protection Against Cyber Threats.
Understanding Microsoft Secure Score
A comprehensive security analytic tool, Microsoft Secure Score evaluates and rates the overall security posture of an organization’s digital environment by analyzing various factors such as:
- User Behaviour
- Data Protection
- Device Management
- Configuration Settings
By keeping an eye on your Microsoft secure score, and implementing security score best practices you can help reduce your organization’s risk. The Secure Score dashboard within Microsoft 365’s platform will allow you to monitor Identities, apps, and devices from one central location.
Why Should You Care About Microsoft Secure Score?
Investing in Microsoft Secure Score can bring numerous benefits to your organization, making it a wise decision for several reasons:
Cyber insurance rates can be affected by your organization's security practices, and investing in Microsoft Secure Score can provide the necessary information to insurers, potentially reducing insurance premiums.
Clients or vendors may request information about your organization's cyber security posture. A high secure score demonstrates a commitment to robust security practices, enhancing your reputation.
Improving your secure score helps lower the risk of cyber events, as a significant majority of incidents (80%) originate from user vulnerabilities. Microsoft Secure Score offers recommendations to mitigate these risks.
Secure Score provides actionable recommendations and best practices to strengthen your organization's security measures, ensuring the protection of sensitive data and maintaining a secure environment.
Is Achieving A 100% Score Realistic Or Impossible?
Achieving a Secure Score of 100% is a near impossible task due to various challenges that organizations must face along the way.
Licensing
Obtaining the necessary licenses and ensuring compliance can be a cumbersome and time-consuming process.
Complexities
As new vulnerabilities emerge and cyber threats evolve, maintaining your secure score requires constant monitoring and updates.
Changing Threats
Moreover, the complexity of modern IT systems, including diverse hardware and software makes it challenging to ensure complete security.
Our Secure Score Packages
We offer comprehensive 365 packages designed to enhance the Secure Score of typical businesses, and we are eager to promote these options to our valued clients.
Our focus is on highlighting the potential for significant improvements to you Secure Score, taking into account that each organization starts from a different baseline, and showcasing the essential policies we enforce and why they play a crucial role in bolstering your security.
365 Basic
Security
~17.41%
Requires M365 Active Directory P1 for all users (included in Business Premium)
Includes policies for:
Enable Policy to Block Legacy Authentication
Ensure all users can complete MFA
Do not allow users to grant consent to unreliable applications
Enable self-service password reset
Require MFA for admins
Do not expire passwords
Designate more than one global admin
Use least privileged admin roles
Labor Base 2.5 hours + 20 minutes per user
Estimated implementation cost:
Base $500 + $50/user
Minimum $1000
365 Recommended Security
~52.21%
Prerequisites: 365 Basic Security
Requires M365 Defender for Office P1
(Included in Business Premium)
All policies from basic, plus:
Create Safe Links policies for email messages
Turn on Safe Attachments in block mode
Set the phishing email level threshold at 2 or higher
Enable the ‘show first contact safety tip’ option
Create zero-hour auto purge policies for malware
Turn on Defender for 365 in SharePoint, OneDrive, and Teams
Turn on the common attachments filter for anti-malware policies
Create Data Loss Prevention (DLP) policies
Do not allow calendar details to be shared with external users
Set action to take on high confidence spam detection
Set action to take on phishing detection
Set action to take on high confidence phishing detection
Set action to take on spam detection
Create zero-hour auto purge policies for phishing messages
Set action to take on bulk spam detection
Ensure spam safety tips are enabled
Estimated Implementation Cost:
$500 base includes up to 15 users
Users 16+ – $10 each.
365 Advanced
Security
~87.04%
Prerequisites: 365 Basic and Recommended
Requires M365 Defender for Office P1 + Azure Active Directory P2 + Microsoft Defender for Cloud Apps (Included in E5 Security)
All policies from basic & recommended, plus:
Ensure that intelligence for impersonation protection is enabled
Move messages that are detected as impersonated users
Enable impersonated domain protection
Enable impersonated user protection
Protect all users with a sign-in risk policy
Protect all users with a user risk policy
Quarantine messages that are detected from impersonated domains
Quarantine messages that are detected from impersonated users
Create an app policy to notify you about new OAuth applications
Enable the domain impersonation safety tip
Enable the user impersonation safety tip
Enable the user impersonation unusual characters safety tip
Ensure that mailbox intelligence is enabled
Turn on Safe Documents for Office Clients
Estimated Implementation cost:
$500 base includes up to 15 users
Users 16+ – $10 each.
What Secure Score is Right for Your Business?
30% and under means you are highly vulnerable and need to address your network as soon as possible.
Below a score of 50% indicates that best practices have not been fully applied.
67% is a score you can expect for a tenant that is configured to practices with all security features enabled.
80% and up is the score that separates your company from its competition in terms of your protection stance.
Unlock the potential to fortify your defenses against cyber threats.
