As businesses increasingly adopt cloud-based services and platforms, securing identities is becoming more challenging. To address this concern, Microsoft offers a cloud-based identity and access management (IAM) solution – Azure AD. Azure AD has a wide range of security features designed to safeguard identities and regulate access to resources. One of these features is the Azure AD Identity Secure Score, which can help your organization to measure and improve your security posture.
Someone recently asked me a simple but very interesting question: “Kate, If you could do only one thing in Azure to improve security, what would that be?” After a moment of reflection, I answered without hesitation: “I would secure Identities.”
I will attempt to explain why.
Identity and access management (IAM) is the cornerstone of security in the cloud in my humble opinion. It’s not enough to protect your network perimeter or encrypt your data at rest and in transit. If your identities are compromised, your entire cloud infrastructure is at risk. That’s why Microsoft has invested heavily in providing robust IAM capabilities such as Azure AD, Azure AD Identity Protection, Azure AD Privileged Identity Management etc.
Why are identities so critical? First of all, identities are the gateway to your cloud resources hence determine who can access what, when, and how. If an attacker gains control of a privileged identity, they can do pretty much ANYTHING they want in your cloud environment, from exfiltrating data to deploying malware to stealing credentials.
Secondly, identities are not just static entities. They are dynamic and contextual, meaning that they can change based on various factors, such as location, device, behavior, and risk. That’s why it’s essential to protect them. Having said that, securing identities is not a silver bullet that solves all security challenges in the cloud. However, if you ask me, I think it’s a critical foundation that enables other security controls to work effectively and yes i agree, security in the cloud is a combination of efforts, but i stand by this, securing identities is the alpha and omega of that effort.
In this blog post, I will attempt to examine the Azure AD Identity Secure Score as well as explain how it can assist your organization improve your security posture.
What is Identity Secure Score?
Identity Secure Score is a security analytics tool that measures your organization’s identity security posture. Firstly, it represents the effectiveness of your organization’s security controls for IAM in Azure AD. Additionally the score calculates your organization’s usage of recommended security controls and compares it against a baseline score. Microsoft determines the baseline score based on a set of common security practices recommended by them.
Identity secure score is available in all editions of Azure AD. You can check your secure score from the Azure portal > Azure Active Directory > Security > Identity Secure Score.
On this dashboard, you will find:
- Your identity secure score
- A comparison graph showing how your Identity secure score compares to other tenants in the same industry and similar size.
- A trend graph showing how your Identity secure score has changed over time.
- A list of possible improvements
The Identity Secure Score ranges from 0% to 100% and a higher score indicates a stronger Identity posture. Additionally, the score is updated regularly, allowing organizations to track their progress over time and make adjustments as needed.
How is the Identity Secure Score calculated?
Let’s see how to calculate the Identity Secure Score. Microsoft recommends security controls that are categorized into four areas: User security, Admin security, Device security, and App security. The Identity Secure Score is calculated based on your organization’s implementation of these recommended security controls.
For example, if a recommendation states that you can get a maximum of 10.71% score by protecting all your users in your organization with MFA. Non the less you decide to implement this recommendation for only 5 out of 100 users. As a result, you will receive a partial score around 0.53% (5 protected / 100 total * 10.71% maximum = 0.53% partial score).
Moreover, each control is assigned a weight based on its impact on security, and the score for each control is multiplied by its weight. Your overall score is calculated by summing the weighed scores for each control.
How can organizations use the Identity Secure Score?
The Identity Secure Score provides your organization with a way to measure your security posture. Furthermore, it can help organizations identify areas that need improvement. By using the Identity Secure Score, you can:
- Objectively measure your identity security posture. How? Identity Secure Score provides a clear, quantitative measure of your organization’s security posture. Consequently, this makes it easier to track progress over time and compare against industry benchmarks like Azure Security Benchmark v3. Measuring and monitoring Identity Secure Score will enable you proactively identify and address identity-related threats before they result in data breaches or other security incidents.
- Plan and Identify areas for security improvements. This can be achieved by identifying areas where security controls are not being used effectively or where additional controls may be needed. By identifying these areas, your organization can take proactive steps to improve your security posture for Identity.
- Promote a culture of security. This is one of the most important areas of Identity security. The Identity Secure Score can be used to raise awareness of the importance of security within your organization and to encourage both users and admins to adopt secure behaviors. This could also be a way to encourage admins to work proactively with implementing security best practices recommended by Microsoft to secure their cloud infrastructure.
I could go on and on about why organizations ought to actively use the Azure AD Identity Secure Score to measure and improve security. This is a valuable tool as it enables businesses to identify areas for improvement and proactively enhance their security posture. With the Identity Secure Score, your company can measure its security posture. In addition, you can also identify areas for improvement, make informed decisions, ensure compliance, while promoting a culture of security. While cloud-based services and platforms offer many advantages, they also present significant security challenges. In conclusion Identity management is a critical component of cloud security. Businesses must therefore implement robust security measures to safeguard their identities and resources.
