Published: 11 December 2018
Microsoft Secure Score is a useful metric to assess and improve an organization’s Office 365 security posture, and is a good example for other CSPs. But it lacks a comprehensive view of overall risk assessment, and security and risk management leaders should resist obsessing over particular values.
Included in Full Research
- Secure Score Is Only a Starting Point for Changing Your Measurement of Security Posture, Paving the Way for Future Improvements
- Secure Score Users May Need to Perform Additional Manual Configuration to Better Support Security Decisions
- The Metrics Generated Could Generate a False Sense of Security as the Score Could Be Gamed or Misinterpreted
- Scores Will Require Ongoing Attention and Reassessment, as Customers, Not Microsoft, Need to Determine What “Good” Means