What is Microsoft Secure Score?
Table of contents
It assigns a score based on implemented security controls across services like Entra ID, Exchange, Teams, and SharePoint.
The score ranges from 0 to 100 (or higher if additional services are integrated), with a higher score indicating stronger security practices.
The Secure Score dashboard
The Secure Score dashboard suggests actions you can take to boost security, like enabling MFA, reviewing permissions, or setting up data loss prevention. Each of these recommendations has a weighted impact on the score.
For example, you can do the following to improve the score:
- Enabling MFA for all users might increase the Microsoft Secure Score significantly due to its importance in reducing unauthorized access.
- Regularly reviewing and removing unused admin accounts could improve the score slightly but still address a critical security concern.
By tracking progress over time, organizations can use Microsoft Secure Score to identify vulnerabilities, prioritize security improvements, and align with compliance requirements. It is accessible through the Microsoft Defender Portal or the Azure portal.
What is a good Microsoft secure score?
Above 80%: An excellent score, showing strong security with most recommended protections in place. The organization is well-guarded against common threats.
60%-80%: A solid security posture with good defenses. Some improvements may be needed, but security is taken seriously.
40%-60%: A moderate score, indicating decent protections but also clear areas for improvement. Strengthening security should be a priority.
Below 40%: A low score, signaling major security gaps. Immediate action is needed to address critical vulnerabilities.
