Microsoft Secure Score Reviews

Microsoft Secure Score can mainly be used for calculating security principles in your environment. For example, if you have modern authentication, your score will increase by 1%. If you have legacy authentication, your score will decrease by 0.5%. If you have your admin account as a cloud-only account, you receive a certain score. If you are blocking access from different countries where your business is not operating, you will get 0.1%. In Exchange, when modern authentication is used instead of legacy versions, the score increases. In all Microsoft 365 aspects, Microsoft provides recommendations for security controls, and based on how much we implement these recommendations, the score increases.

The biggest advantage of the product is that all security principles come in M365. There are numerous benefits as all data, communication, and business operations exist in M365. All security tools are useful to cover data inside M365, including access, Windows sign-in, and everything else. It serves as an all-in-one solution.

Regarding reporting, in one view we can determine our current security posture. In one overall report, we get all security principles recommendations, what we have done, and the benefits.

Microsoft Secure Score is not only for identity and access protection but for the whole M365 environment. The score is available for Exchange, Purview, Data Loss Prevention, EDR, XDR solution, Entra, InTune, SharePoint, and everything else.

The recommendations come directly from Microsoft, and we proceed based on their guidance.

In the Microsoft Secure Score portal, we can easily determine whether we can implement specific recommendations based on our license. For instance, if there are 5,000 users in an organization and a recommendation is implemented for 3,500 users, the report will reflect this partial implementation. The score will increase by 0.75% instead of 0.1% because the recommendation was only applied to 3,500 users.

The security score can be divided into categories such as Identity Access Management, Data Security, Exchange, SharePoint, and InTune. We can easily determine how much the secure score has increased in each separate aspect. This makes it simple to identify areas where cloud apps score lower and identity scores higher, allowing for targeted improvements.

There are some technical limitations where certain features might support Windows but not Android devices. The compatibility between Windows and macOS also shows significant differences. Microsoft continuously works on improvements, and when we find issues and report them to Microsoft, they address them.

To get full benefits from the EDR solution, Microsoft EDR solution needs to be set as the primary antivirus in the system. Without this configuration, many features cannot be accomplished.

A specific example occurred in a recent project where the requirement was for emails sent outside the organization to require manager approval before being sent. While the approval system works on Windows, it does not support Android devices, limiting the functionality on mobile platforms.

I have been using this solution for almost three years.

There are stability issues present, as with any tool. Latency issues occur for some clients, requiring cases to be raised with Microsoft to get fixes. However, these issues are not widespread.

The solution is completely scalable and flexible. Manual intervention has been highly reduced compared to one, two, three years ago.

The technical support from Microsoft is very good, with only one out of ten customers experiencing issues.

Positive

The installation of Microsoft Secure Score is seamless. It requires downloading and enrolling a device, after which the device can be managed. The installation includes all Office 365 tools in one package, which is highly beneficial. Once enrollment is completed, the device will be under control. The solution works without requiring any agents to implement policies.

Microsoft Secure Score offers better pricing because all security tools are included in one payment. Purchasing EDR solution, Data Loss Prevention solution, compliance manager tool, and data backup separately would be more expensive, but this solution covers everything in one licensing cost.

The product helps us with incorporating a mix of industry standards such as ISO and company-specific benchmarks. It amalgamates best practices for various aspects, including devices, applications, identities, workloads, and configurations.

Microsoft Secure Score's most valuable feature is identity. It provides me with a score and security status of devices. I can further work on enhancing that particular aspect.

Microsoft Secure Score's user interface and export feature need improvement. We are not able to export the overall security score at the moment. I have to use PowerShare in the background to encounter the issue.

They could indicate whether a recommendation aligns with different compliance standards.

We have been using Microsoft Secure Score for about eight years.

The product is available 99.99% of the time per the license agreement. I rate the stability a ten out of ten.

I rate the platform's scalability a seven out of ten. It is suitable for medium to large enterprises. However, most users don't utilize the feature to its full potential due to a lack of knowledge about recent Microsoft technologies.

Microsoft's technical support team focuses on only one specific product. In comparison, the support partners have expertise in all products.

Positive

We used GitHub previously. It provided comprehensive reports.

They provide an automatic initial setup process. We have to buy the licenses and overview them before. It can be deployed on the cloud except for Defender functionality, which needs to be set up on-premise.

The product pricing is reasonable.

I rate Microsoft Secure Score a nine out of ten.