A "quick wins" approach to securing Azure Active Directory and Office 365 and improving your security posture | Microsoft Security Blog (2024)

Table of Contents
What is Microsoft Secure Score? I am glad you asked How does Secure Score help organizations? How is the Score determined? What aresecurity defaults? When should you usesecurity defaults? How is the Score determined? Get Started withMicrosoftSecureScore and security defaults Secure Score Security defaults Bumps in the road

In the last post, we discussed Office 365 and how enabling certain features without understanding all the components can lead to a false sense of security. We demonstrated how implementing a break glass account, multi-factor authentication (MFA), and the removal of legacy authentication can help secure your users and point your organization’s security posture in the right direction. While implementing those controls is an excellent start to hardening your environment, it is just the beginning. Read that blog here.

Security is critical, and any way that we can expedite threat prevention is highly welcomed. What if there was a way to get into a more secure state quickly. How much time would this give you back to focus your attention on other tasks like actual customers (user base, clients)?

Do you wish there was a quick approach for security configurations in Azure Active Directory (Azure AD) and Office 365? I know I do, and thankfully we have some options here, and they are Secure Score and security defaults. Many of our customers are not aware that these features exist, or if they are aware, they fail to take advantage of using them.

“This blog post willprovide an overview ofMicrosoftSecure Score and security defaults—two features that are easy to utilize and can significantly improve your security in Azure AD and Office 365 configurations.”

What is Microsoft Secure Score? I am glad you asked

Microsoft Secure Score is a measurement developed to help organizations understand where they are now and the steps needed to improve their security posture. Microsoft Secure Score summarizes the different security features and capabilities currently enabled and provides you with the ability to compare your Score with other companies like yours and identify recommendations for areas of improvement.

See Also
Providing a default level of security in Microsoft Entra ID - Microsoft EntraIntroducing security defaultsWhat are Azure AD Security Defaults, and should you use them?Microsoft Security Defaults vs Conditional Access - Recent Update

A "quick wins" approach to securing Azure Active Directory and Office 365 and improving your security posture | Microsoft Security Blog (1)

Figure 1: Microsoft Secure Score screen image

How does Secure Score help organizations?

Secure Score provides recommendations for protecting your organization from threats. Secure Score will:

  • Objectively measure your identity security posture.
  • Plan for security improvements.
  • Review the success of your improvements.
  • The Score can also reflect third-party solutions that have been implemented and have addressed recommended actions.
  • The Secure Score reflects new services, thus keeping you up to date with new features and security settings that should be reviewed and if action on your part.

How is the Score determined?

Secure Scorecompares your organization’s configuration against anonymous data from other organizations with similar features to your organization, such as company size.Each improvement action is worth ten points or less, and most are scored in a binary fashion. If you implement the improvement action, likerequireMFAfor GlobalAdministrators orcreate a new policy or turn on a specific setting, you get 100 percent of the points. For other improvement actions, points are given as a percentage of the total configuration.

For example, an improvement action states you get ten points by protecting all your users with multi-factor authentication. You only have 50 of 100 total users protected, so that you would get a partial score of five points.

See Also
Azure AD Security Defaults - one click and done? - ChrisOnSecurity

Additionally, your score will drop if routine security tasksare notcompleted regularly or when security configurations are changed. It will providedirections to the security teamaboutwhat has changed and the security implications of those changes.

What aresecurity defaults?

Security defaults, a one-click method for enabling basic identity security in an organization, are pre-configured security settings that help defend organizations against frequent identity-related attacks, such as password spray, replay, and phishing. Some of the critical features of Security Defaults include:

  • Requiring all users to register for Azure AD Multi-Factor Authentication (MFA) using the Microsoft Authenticator app.
  • Requiring administrators to perform multi-factorauthentication.
  • Blocking legacy authenticationprotocols.
  • Requiring users to perform multi-factor authentication when necessary.
  • Protecting privileged activities like access to the Azure portal.

When should you usesecurity defaults?

It would be best if you usedsecurity defaultsin the following cases:

  • If you want toincreasetheoverall securitypostureanddon’tknow how or where to start,security defaultsare for you.
  • If youare usingthe free tier of Azure Active Directory licensing,security defaultsare for you.

How is the Score determined?

Microsoft Secure Score has recently added improvement actions to support security defaults in Azure Active Directory, making it easier to help protect your organization with pre-configured security settings for frequent attack vectors.

When you turn on security defaults, you will be awarded full points for the following improvement actions:

  • Ensure all users can complete multi-factor authentication for secure access (nine points).
  • Require MFA for administrative roles (ten points).
  • Enable policy to block legacy authentication (seven points).

Get Started withMicrosoftSecureScore and security defaults

Microsoft organizes Secure Score improvement actions into groups to help you focus on what you need to address for your organization:

  • Identity (Azure AD accounts and roles).
  • Data (Microsoft Information Protection).
  • Device (Microsoft Defender ATP, known asConfiguration score).
  • Application (email and cloud apps, including Office 365 and Microsoft Cloud App Security).
  • Infrastructure (no improvement actions for now).

Secure Score

  • Start by logging into your Secure Score.
  • View your scores and where you need to improve.
  • Export all recommendations for your organization and turn this into an attack plan.
  • Prioritize the recommendations you will implement over the next 30, 60, 90, and 180 days.
  • Pick the tasks that are priorities for your organization and work these into your change control processes.

Security defaults

  • Start by logging in to your  Azure portal as a security administrator, Conditional Access administrator, or global administrator.
  • Browse to Azure Active Directory, and then Properties.
  • SelectManage security defaults.
  • Set theEnable security defaults, then toggle toYes.
  • SelectSave.

A "quick wins" approach to securing Azure Active Directory and Office 365 and improving your security posture | Microsoft Security Blog (2)

Figure 2: Enabling security defaults

There are many security enhancements that keep coming to Microsoft’s Cloud stack, so be sure you check your secure Score weekly. As the days go by and new security settings appear, your secure Score will reflect these changes. It is critical to check back often to ensure you are addressing any further recommendations.

Bumps in the road

Microsoft Secure Score and security defaults are straight forward ways to evaluate and improve your Azure AD and Office 365 configurations’ security. Security defaults help implement industry recommended practices, while Microsoft Secure Score creates a hands-on interface that simplifies the ongoing process of security assessment and improvement.

Our upcoming blog will explore the necessary built-in Azure tooling and open-source options that an organization can employ during investigative scenarios.

To learn more about Microsoft Security solutions visit ourwebsite. Bookmark theSecurity blogto keep up with our expert coverage on security matters. Also, follow us at@MSFTSecurityfor the latest news and updates on cybersecurity.

A "quick wins" approach to securing Azure Active Directory and Office 365 and improving your security posture | Microsoft Security Blog (2024)
Top Articles
Flotsam Shores Location Guide + All Chests (Spiritfarer) - Guide Strats
Spiritfarer Items Guide: Every Important Item and How to Get It
Leave your cans out, park your truck: DeSantis signs bill to rein in overbearing HOA fines
Psalm 46 Niv Version
Super Nash Bros Tft
Skyward Rantoul
Game Of Thrones Ck2 Mod
MSC Seascape Cruise Reviews (2024 UPDATED): Ratings of MSC Seascape
The best Summoner builds in Terraria Calamity
PC - An updated Summoner's guide
H-2B Visas: Everything You Need to Know
H2B Document List: Requirements, Fees, and Process - Herman Legal Group
Latest Posts
Zinc Ore & Ingots (Spiritfarer) - Guide Strats
Ireland | History, Map, Flag, Capital, Population, & Facts
Article information

Author: Tish Haag

Last Updated:

Views: 5664

Rating: 4.7 / 5 (67 voted)

Reviews: 82% of readers found this page helpful

Author information

Name: Tish Haag

Birthday: 1999-11-18

Address: 30256 Tara Expressway, Kutchburgh, VT 92892-0078

Phone: +4215847628708

Job: Internal Consulting Engineer

Hobby: Roller skating, Roller skating, Kayaking, Flying, Graffiti, Ghost hunting, scrapbook

Introduction: My name is Tish Haag, I am a excited, delightful, curious, beautiful, agreeable, enchanting, fancy person who loves writing and wants to share my knowledge and understanding with you.