Monitor security posture with Identity Secure Score

  • 3 minutes

The identity secure score is percentage that functions as an indicator for how aligned you are with Microsoft's best practice recommendations for security. Each improvement action in identity secure score is tailored to your specific configuration.

Screenshot of overview page of the Identity Secure Score. Look at the percentage score for your company.

The score helps you to:

  • Objectively measure your identity security posture
  • Plan identity security improvements
  • Review the success of your improvements

You can access the score and related information on the identity secure score dashboard. On this dashboard, you find:

  • The secure score for your identity
  • A comparison graph showing how your Identity secure score compares to other tenants in the same industry and similar size
  • A trend graph showing any change to the secure score for your Identity over time
  • A list of possible improvements

By following the improvement actions, you can:

  • Improve your security posture and your score
  • Take advantage the features available to your organization as part of your identity investments

How do I get my secure score?

The identity secure score is available in all editions of Microsoft Entra ID. Organizations can access their identity secure score, with the following steps:

  1. Azure portal.
  2. Microsoft Entra ID.
  3. Security.
  4. Identity Secure Score.

How are controls scored?

Controls can be scored in two ways. Some are scored in a binary fashion - you get 100% of the score if you have the feature or setting configured based on our recommendation. Other scores are calculated as a percentage of the total configuration. For example, if the improvement recommendation states you’ll get a maximum of 10.71% if you protect all your users with MFA and you only have 5 of 100 total users protected, you would be given a partial score around 0.53% (5 protected / 100 total * 10.71% maximum = 0.53% partial score).

How should I interpret my score?

Your score improves for configuring recommended security features or performing security-related tasks (like reading reports). Some actions are scored for partial completion, like enabling multifactor authentication (MFA) for your users. Your secure score is directly representative of the Microsoft security services you use. Remember that security must be balanced with usability. All security controls have a user affect component. Controls with low user lock-down should have little to no effect on your users' day-to-day operations.