HybrIT Services NZ

Microsoft Defender Secure Score: Boosting Your Security Posture

Do you know what a “secure score” is? Think of it as a fitness tracker, or a health check-up, for your organisation's cybersecurity. It provides a measurement of your security posture, with a higher score indicating that more recommended security actions have been taken.

Why does Secure Score matter?

In today's digital landscape, threats are as common as morning coffee. From phishing attacks to sneaky malware, cyber adversaries are always lurking. By following Secure Score recommendations, you can fortify your defences and protect your digital resources. Some of these recommendations are about the most basic security configurations.

The Microsoft Digital Defense Report 2023 discusses how basic security hygiene can protect against 99% of attacks.

How does it work?

Secure Score rewards you for doing the right things. You can earn points by:

  • Configuring recommended security features: Enabling features like multi-factor authentication (MFA), encryption, setting a minimum password length, or having a non-browser password manager.
  • Completing security-related tasks: Regularly reviewing logs, patching vulnerabilities, and staying vigilant by keeping up to date.
  • Addressing recommendations with non-Microsoft solutions: Even if you're using third-party tools, they count. According to Microsoft, 70–90% of the code used by developers is from open source software.

Some actions give full points only when fully completed, while others offer partial points (still raising your secure score). If you can't implement a recommendation, you can choose to accept the risk, address it later, or mitigate it by taking an alternative action.

Security should be balanced with usability. Not every recommendation fits every environment. Additionally, depending on the type of Microsoft licence you have, some recommendations might not be available.
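
To make the scoring above concrete, here is an added example (not Microsoft's or HybrIT's code) that ranks controls by the points still available, separating partially completed actions from ones not yet started. It assumes data shaped like the Microsoft Graph `secureScores` and `secureScoreControlProfiles` responses; the control names and numbers are constructed sample values.

```python
# Added example, not Microsoft's or the author's code. Field names follow the
# Microsoft Graph secureScore / secureScoreControlProfile resources; every
# control name and number below is constructed sample data.
SAMPLE_SCORE = {  # shaped like one item from GET /security/secureScores
    "currentScore": 20.5, "maxScore": 36.0,
    "controlScores": [
        {"controlName": "ExampleAdminMFA", "score": 10.0},
        {"controlName": "ExampleUserMFA", "score": 4.5},
        {"controlName": "ExampleASRRules", "score": 0.0},
        {"controlName": "ExampleAVUpdates", "score": 6.0},
        {"controlName": "ExampleLegacy", "score": 0.0},
    ],
}
SAMPLE_PROFILES = [  # shaped like GET /security/secureScoreControlProfiles
    {"id": "ExampleAdminMFA", "maxScore": 10.0, "deprecated": False},
    {"id": "ExampleUserMFA", "maxScore": 9.0, "deprecated": False},
    {"id": "ExampleASRRules", "maxScore": 9.0, "deprecated": False},
    {"id": "ExampleAVUpdates", "maxScore": 8.0, "deprecated": False},
    {"id": "ExampleLegacy", "maxScore": 5.0, "deprecated": True},
]


def score_percent(score):
    """Overall Secure Score as a percentage of the achievable maximum."""
    if not score.get("maxScore"):
        return 0.0
    return round(100 * score["currentScore"] / score["maxScore"], 1)


def rank_gaps(score, profiles):
    """Return (control, status, points_left) tuples, largest gap first."""
    max_by_id = {p["id"]: p["maxScore"] for p in profiles
                 if not p.get("deprecated")}
    rows = []
    for cs in score.get("controlScores", []):
        max_score = max_by_id.get(cs["controlName"])
        if max_score is None:          # deprecated or unknown control
            continue
        left = round(max_score - cs["score"], 2)
        if left > 0:                   # fully completed controls drop out
            status = "partial" if cs["score"] > 0 else "not started"
            rows.append((cs["controlName"], status, left))
    return sorted(rows, key=lambda r: (-r[2], r[0]))


if __name__ == "__main__":
    print(f"Secure Score: {score_percent(SAMPLE_SCORE)}%")
    for control, status, left in rank_gaps(SAMPLE_SCORE, SAMPLE_PROFILES):
        print(f"{left:5.1f} points left  {status:<12} {control}")
```

Controls at the top of the list are where the most points remain, but each still needs weighing against usability and licence availability as described above.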

Boost your Secure Score today

Some quick actions you can take today (or at least this week):

1. Enable Multi-Factor Authentication (MFA)

MFA adds an extra layer of protection by requiring a second form of verification (like a text message or app notification) when logging in. This is especially critical for administrator accounts.

2. Keep your antivirus software updated

Your antivirus is like a vigilant guard for your devices. It is also recommended to pair it with antimalware software, as antimalware specialises in newer exploits. Regularly update your antivirus software - a sharp tool is better than a rusty one. We recommend Microsoft Defender for Endpoint for devices.

3. Device hygiene matters

Laptops, smartphones, and tablets are your digital armour. Any internet-exposed endpoint can be an entry point for malicious actors. Retire devices when no longer needed, lock them down, and maintain their software. Block known threats with Attack Surface Reduction (ASR) rules - these target certain software behaviours such as launching executable files or scripts that attempt to download or run files, running obfuscated scripts, or performing behaviours that apps don't usually initiate during normal day-to-day work.

4. Embrace Zero Trust principles

Zero Trust means verifying every user, device, and app - no blind trust. Apply the three Zero Trust principles: verify explicitly, use least-privilege access, and assume breach. These principles can be applied at various layers of your environment.

As a takeaway, focus your Secure Score efforts on user identity, device health, and access control to prevent lateral movement and privilege escalation in the network. Remember, your Secure Score reflects your efforts - not just the licences you own. Balance security with usability, and you'll be well on your way to fortifying your digital environment.
