Sir Blog-a-lot | Cloud Security

Our guide to getting the best out of Microsoft Secure Score.

Written by Laura | 25 September 2023
 
Recognising the growth in cyberattacks, Microsoft developed a benchmarking system to help companies reduce their risk of attack in the cloud. Microsoft Secure Score is a free tool that marks your business out of 100 for various security elements including Identity and Access Management (IDAM), devices, data, apps, and infrastructure.
 
The system provides you with multiple sub-scores, each contributing to the overall score for your security. As you configure your environment your score either increases or decreases, based on your real-time security posture. (Warning, it can become mildly addictive.)
 
Using these scores gives you a straightforward way to understand, monitor and improve the security of your Microsoft 365 environment.  

So, what on earth is Microsoft Secure Score?

If you’re asking this question, the chances are you need to log in, like, today. 
 
In the meantime, here’s a whistle-stop tour...
 
Microsoft Secure Score allows you to measure the strength of your Azure security, tighten any areas that need tightening, and track your progress across your entire cloud environment. Your overall Secure Score is calculated by tallying up the performance scores of several different products in the Microsoft stack, including Microsoft 365 (including Exchange Online), Azure Active Directory, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud Apps and Microsoft Teams.
 
The Secure Score dashboard is divided into various sections, giving you easily digestible and actionable information about:
 
• Your current score
• Your score history
• A list of actions to review which can increase your score
• A comparison against other organisations like yours

 

Identity, Identity, Identity...

A crucial subset of the Microsoft Secure Score markers is the Identity Secure Score. You can access the score and related information on the Identity Secure Score dashboard. 
 
Identity and Access Management (IDAM) is a key component of cloud security and is always where we start when assessing the security of any environment. Getting IDAM right makes sure that only the right people have access to the right data and resources, ensures compliance and limits the damage that could be caused by a potential breach. (If you’re interested in finding out more about a sound IDAM approach, download our guide ‘How to Avoid the Fate of the Death Star’.)

 

 

Here’s our quick guide to understanding your overall Secure Score:

 

• Under 50%: There is some immediate work needed to sufficiently secure your environment
• 50-80%: You're getting there, but you still need to address the recommended actions
• 80%+: Looking good, but there’s always room to improve, and find ways of maintaining your score
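As an added example (not code from this post or from Microsoft), the Python script below applies the three bands above to a Secure Score snapshot and tallies achieved points per category. The JSON is a constructed sample that uses the `currentScore`, `maxScore` and `controlScores` fields of the Microsoft Graph `secureScore` resource; the control names and all numbers are invented, and treating exactly 80% as "80%+" is an assumption.

```python
import json
from collections import defaultdict

# Constructed sample shaped like one entry of a Microsoft Graph secureScores
# response. Control names and numbers are invented for illustration.
SAMPLE = json.loads("""
{
  "createdDateTime": "2023-09-25T00:00:00Z",
  "currentScore": 93.0,
  "maxScore": 150.0,
  "controlScores": [
    {"controlCategory": "Identity", "controlName": "example-require-mfa", "score": 13.5},
    {"controlCategory": "Identity", "controlName": "example-block-legacy-auth", "score": 0.0},
    {"controlCategory": "Device", "controlName": "example-disk-encryption", "score": 27.0},
    {"controlCategory": "Apps", "controlName": "example-safe-links", "score": 30.0},
    {"controlCategory": "Data", "controlName": "example-dlp-policy", "score": 22.5}
  ]
}
""")


def band(percent):
    """Map an overall percentage to the three bands in the guide above."""
    if percent < 50:
        return "Under 50%"
    if percent < 80:  # assumption: exactly 80 counts as "80%+"
        return "50-80%"
    return "80%+"


def summarise(snapshot):
    """Return overall percentage, band, points per category and zero-point controls."""
    if snapshot["maxScore"] <= 0:
        raise ValueError("maxScore must be positive")
    percent = round(100 * snapshot["currentScore"] / snapshot["maxScore"], 1)
    by_category = defaultdict(float)
    for control in snapshot["controlScores"]:
        by_category[control["controlCategory"]] += control["score"]
    # Controls that currently earn nothing are the first candidates for review.
    zero = sorted(c["controlName"] for c in snapshot["controlScores"] if c["score"] == 0)
    return {"percent": percent, "band": band(percent),
            "points_by_category": dict(by_category), "zero_point_controls": zero}


if __name__ == "__main__":
    print(json.dumps(summarise(SAMPLE), indent=2))
```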

 

Security v usability: Our tips for quick wins

It’s important to bear in mind that not every recommendation will work for your environment; there will always be a trade-off between security and usability. It’s no good having the most secure laptop in the world if you can’t actually use it in the way that you need to. It just depends on how much risk you’re willing to accept. 
 
Here are a few ways you can beef up your defence without sacrificing that sweet, sweet user experience:
 
1. Insist all staff use the strongest level of Multi-factor Authentication (MFA) available
2. Block legacy authentication methods from the environment; legacy authentication doesn't support MFA, meaning MFA can be bypassed
3. Reduce administrative rights on all standard accounts

 

Getting started

You can start now by going to https://security.microsoft.com and signing in using your Microsoft ID to access your Secure Score. Your dashboard will suggest the actions you need to take to improve your score and, ultimately, your organisation's security. To help you get going, our Head of Delivery, Reda Wahid, has put together this handy, step-by-step video explaining how to access and use Secure Score.

 

 

If in doubt, call in the experts

If your score is not where you’d like it to be, and the list of recommended actions is overwhelming and impenetrable, we can help. Our Cloud Security Review is a relatively low-cost, one-off project that provides you with a comprehensive report, including:


• the current security posture of your Microsoft environment
• the configuration health of your identity and devices
• recommendations for the foundations to build a secure, robust IT infrastructure
 
Our security consultants use a proven methodology based on Microsoft best practice, the CIS framework, and decades of specialist security experience to ensure you have all the information required to improve your security posture.
 
At the end of the review, you will understand precisely where you are with your cloud security, and how to make it better.

 

But don’t just take our word for it...