Blogs

Microsoft Secure Score is a security analytics tool that provides better security configuration and security features. It applies a numerical score to custom security that outlines the action that can be taken to improve that configuration. It improves the security standards of an organization and lessens the chances of being hacked.

Why use Secure Score?

Secure score is made to help you take actions to improve your security. It gives you parameters to keep your infrastructure secure. Microsoft also offers a comparison chart to show you how your security compares to other Office 365 subscribers. Secure Score helps you understand the extent to which you have a good security configuration. It also informs you about behaviors and best practices to have inside your organization.

How does Secure Score work?

Secure Score determines what services you’re using (Exchange, OneDrive, SharePoint, etc.). It looks at your settings and activities and compares them on a baseline established by Microsoft. You’ll get a score based on how you are aligned with security best practices. It creates a full inventory of all the security configurations that reduces risk. Each control that reduces risk is calculated with points. Some controls are more effective and have more points assigned to them.

It is measured by how they are being implemented. The points provide an overall secure score. More the secure score is more is your organization protected in terms of security measures. This score below in the image represents how secure your environment is. You can measure it over time to track your progress

Office and Microsoft 365 risk assessment

Secure Score provides an overall risk assessment. It gives you links to make you aware of the risk you’re facing if you don’t follow the recommended actions.

This example shows some of the potential risks:

Account Breach – the risk indicates a tenancy breach that can be used by an attacker to interact with either resource in Office and Microsoft 365, or with on-premises infrastructure

Elevation of Privilege – an attacker has managed to compromise one or more accounts in the tenancy and is now working to increase their power

Data Exfiltration – an attacker has found a way to move data out of the tenancy

From the summary page, you can get a glimpse of how your score compares to the average score of all Microsoft customers.

Taking action

Your target score can fall into the range from Basic to Balanced, to Aggressive.

Depending on where you set your target, Secure Score would share with you a number of suggestions to help you reach your goal.

Suggestions are based on priority and the effectiveness of the action compared to the level of impact to the end-users.

Actions that are highly effective, with a low level of user impact are placed at the top, followed by actions that are less effective and more impactful to users.

You can filter these actions by category, such as User Impact, Implementation, etc. Seeing how each of these actions affects the users, allows you to balance your organization’s productivity against your security.

Some actions are not scored, which means even if the corresponding actions are implemented, the secure score won’t increase. These actions are marked as [Not Scored] in the queue. Microsoft has stated over time Microsoft Secure Score will be able to better measure these controls and adjust the score accordingly.

Score analyzer

This allows tracking and reporting of the score over time. As with the secure score summary, your score is compared daily to the average score of all Office and Microsoft 365 customers, so you can see the relative position in the security landscape to make planning and communication easier with the team and the leaders.

The graph below shows the secure score in time.

Organizations always try to ensure the highest level of security for their data and processes, in this quest Secure Score can be one easy and quick indicator, allowing for appropriate actions to be taken in order to gain umpteen level of prevention from various kinds of cyber-attacks. Optimum utilization of these features as you use the tool helps you get further peace of mind that you’re taking the right steps to protect your organization from threats.

Click here to view more such blogs by Mismo Systems!

In this blog I will be talking about the Top 10 elements of Cloud.

Virtual Network: Create a logically isolated section in Microsoft Azure and securely connect it outward.

VM: Windows Azure Virtual Machines is a scalable, on-demand IaaS platform you can use to quickly provision and deploy server workloads into the cloud. Once deployed, you can then configure, manage, and monitor those virtual machines, load-balance traffic between them.

Azure Storage: Microsoft Azure Storage is a Microsoft-managed cloud service that provides storage that is highly available, secure, durable, scalable, and redundant.

Load Balancer: A load balancer that distributes incoming traffic among backend virtual machine instances.

Azure Traffic Manager: Microsoft Azure Traffic Manager allows you to control the distribution of user traffic for service endpoints in the different datacentre.

Application Gateway: Scalable layer-7 load balancer offering various traffic routing rules and SSL termination for the backend.

Business continuity and disaster recovery (BCDR): BCDR plan is a plan to keep your data safe, and apps/workloads running when planned and unplanned outages occur.

Azure Active Directory:  (Azure AD) is Microsoft’s Cloud-Based identity and access management service, which helps your employees sign in and access.

Azure Backup: Simple and reliable server backup to the cloud.

Reliable off site data

a) Convenient offsite protection
b) Safe data
c) Encrypted backups

A simple and integrated solution

a) Familiar interface
b) Windows Azure integration

Efficient backup and recovery

a) Efficient use of bandwidth and storage
b) Flexible configuration
c) Flexibility in recovery
d) Cost-effective and metered by usage

Content Delivery Network (CDN) is a distributed computing model designed for developers to stream high-bandwidth files faster, efficiently, and reliably to worldwide customers. Azure CDN is typically used for delivering static content such as Images, Videos, Style sheets, documents, files, Client-side scripts, and HTML pages to customers using servers that are closest to users.

 App Service Plan: App Service plans to represent the collection of physical resources used to host your apps.

Azure Web Apps: Azure Web Apps enables you to build and host web applications in the programming language of your choice without managing infrastructure.

Azure SQL: A relational database-as-a-service, fully managed by Microsoft. Delivers predictable performance, elastic scale, business continuity, and programmatic functionality. For cloud-designed apps when near-zero administration and enterprise-grade capabilities are key.

Thanks for reading!