Why monitoring the secure score should be part of your security management

Modern Service Management

November 10, 2024

Marco van der Steijle

Service Delivery Manager

Table of contents

Loading toc item...

Who you gonna call?

Contact opnemen

How, how and why of the Secure Score

Microsoft describes it as a measuring tool for your organization to determine how your security management is doing and what actions you can still take to increase this score. Why that is so important now and what business value is attached to it? Simple: you want to be able to identify vulnerabilities in time, ward off threats, keep the impact of vulnerabilities as low as possible and limit risks in the future.

Systems that are not up to date are riskier
Backing up is a given with Microsoft Defender for Cloud in Azure
You don't want to have data leaks and therefore use data encryption
You want to arrange access to systems as well as possible with associated rights and auditability. We call that asset management.
Endpoints must be protected. Especially the information that is exchanged between the API
Those who want to obtain an ISO certification must be compliant and Cloud Defender has a template to monitor whether you are and stay up to date.

So what is a good secure score? We say that a secure score of 30-35% is on average low. However, you will hardly see 100% anywhere. That would mean that your systems are no longer flexible and you don't want that. A market average that is considered good is a score above 70%. Please note: once you have managed to get a good secure score with your organization, you also want to keep it. So if more functionality is added from the application or from Microsoft, it is important to keep monitoring. After all, a lower percentage means more risk on the above points.

Previous blogs you might find interesting:

Security recommendations in the Microsoft Defender for Cloud

Have you already taken a look at your portal yourself? This includes tips on MFA (both at the organization level and at the subscription level), management ports and much more. Are you not using Azure yet and are you not getting these recommendations yet but want to know more about them? Then check out Modern Service Management | Bizure or send us a message.

An example? Think about Azure AD Privileged Identity Management (PIM) Through PIM, we can give rights to certain roles (e.g. contributer or admin). From another auditable process, we can request access to systems, keep track of who made what changes to production and trace that later if necessary. This is easy to set up via a workflow. You will read more about this compliance in the fourth blog. So, stay tuned!

Marco's tip: make your environments safe and do so in a uniform way that makes it understandable for both business and IT and actions can be followed immediately if the situation requires it. The secure score can be a good guide here, so take advantage of it!

Proactive monitoring to reduce security risks

If you are an IT Manager, Security Officer or Developer, the secure score (if all is well) is well known to you. The business is also increasingly seeing the point of security issues because their environment is often public facing, which is why it is a must to ensure that end users have their data safely in the cloud and that partners can work as efficiently as possible on the platform with the right credentials. For example, if there are a lot of unknown requests per day on your site, you know that there is a possible risk. With proactive security monitoring, we can work together to find out exactly what this is due to.

If there is a critical issue, it will be communicated with proposed action and possibly direct implementation. You can also set up direct alerting so that you are immediately aware of a vulnerability. Should a change have consequences for end users, it is wise to weigh risk and impact.

Bizure offers proactive monitoring in the areas of your IT landscape, subscriptions, platforms, API management and cloud architecture.