Knowledge Base Article

Microsoft Secure Score Actions

Microsoft Secure Score shows your security posture to protect customer privacy.


Last Review: February 26, 2020

Product(s): Office 365

Author(s): Kyle Vang


A cyberist created this article using the patented Delta Method by modernizing a typical approach.


Microsoft Secure Score is the representation of your commitment to protect customer privacy and the security posture of your organization. Despite rampant cybercrime and data breaches, few organizations have implemented built-in and often no cost cybersecurity prevention due to inconvenience misconceptions and inept cloud providers.

A low-risk security scorecard demonstrates competitive advantage versus the industry and is often requested by compliance auditors or prospective and existing customers. Ignoring security threats is considered willful neglect resulting in reputation damage, potential civil and criminal actions or penalties, and justified denial of cybersecurity insurance claims.


  • Office 365 Global Admin credentials are required and AD Connect highly recommended.
  • Microsoft Security Score ( is a consolidated score for Windows, Office 365, and Enterprise Mobility Suite (EMS).
  • Microsoft Secure Score displays the score for the previous day and any improvement actions are updated in approximately 24 - 48 hours.
  • Security improvement tasks will be performed at Microsoft Azure ( and Office 365 Admin Portal (
  • Office 365 Security & Compliance ( is for audit/data loss.
  • Microsoft 365 compliance ( is compliance reporting.
  • Cloud App Security is available for all Office 365 subscriptions, is NOT enabled by default, and should be enabled 24-48 hours before starting security improvement.
  • Enabling Multi-Factor Authentication (MFA) which is the top Microsoft security recommendation.
  • Exclude one break-glass unlicensed global admin from Azure Conditional Access to prevent complete tenant lockout and exclude AD Connect account from MFA.
  • An announcement for security improvement actions by management must be made to staff to show leadership and security commitment by example.
  • Many tasks may be performed in minutes but significant score improvements will require a least one week and up to 30 days.
Improvment Task Subscription(s)
Cloud App Security All Office 365
Multi-Factor Authentication Microsoft 365 E3/E5, EMS E3/E5, Office 365 Business & E3/E5
Exchange Online Any Exchange Online
Information Rights Management Any SharePoint Online
Intune Microsoft 365 E3/E5, Enterprise Mobility Suite E3/E5
Office 365 ATP Office 365 ATP, Office 365 E5, Microsoft 365 E5
Azure Information Protection Enterprise Mobility Suite E5
Windows Defender ATP Windows 10 Enterprise E5, Microsoft 365 E5
Customer Lockbox Office 365 E5, Microsoft 365 E5

Improvement Steps

  1. Login to as an Office 365 Global Admin.
  2. Click Improve your score at the bottom of Microsoft Secure Score panel.
  3. Turn on Cloud App Security Console first and then click on each Improvement Action starting with Rank 1.
  4. Click on each Improvement Action by rank below. After reading At A Glance, User Impact, and Implementation, click Manage to update settings.

Follow-up / Testing

  1. Verify AD Connect status and force manual sync of both Azure and local Active Directory connections of Full Import, Full Synchronization, and Export
  2. Export Improvement Actions to Excel for audit reporting and marketing purposes
  3. Regular reporting improvement tasks must be performed from the Secure Score to update properly