使用 Microsoft 安全分數來評估您的安全性工作Assess your security posture with Microsoft Secure Score

重要

已改善的 Microsoft 365 安全性中心 現在已提供公開預覽。The improved Microsoft 365 security center is now available in public preview. 這種新的經驗會將 Defender、Office 365 的 Defender、Microsoft 365 Defender 等,帶入 Microsoft 365 的安全性中心。This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 security center. 安全小組現在可以管理所有端點、電子郵件及跨產品調查、設定和修正,而不需要流覽個別的產品入口網站。Security teams can now manage all endpoint, email and cross product investigations, configuration and remediation without the need to navigate to separate product portals. 深入瞭解已變更的專案。Learn more about what's changed.

Microsoft 安全分數是組織安全性措施的度量,數位越高,表示已採取更多改進動作。Microsoft Secure Score is a measurement of an organization's security posture, with a higher number indicating more improvement actions taken. 您可以在 https://security.microsoft.com/securescore Microsoft 365 資訊安全中心找到。It can be found at https://security.microsoft.com/securescore in the Microsoft 365 security center.

為了説明您更快速地瞭解您需要的資訊,Microsoft 改進動作分為多個群組:To help you the information you need more quickly, Microsoft improvement actions are organized into groups:

  • Azure Active Directory (身分識別&角色) Identity (Azure Active Directory accounts & roles)
  • 裝置 (Microsoft Defender for Endpoint,稱為Microsoft 裝置安全分數) Device (Microsoft Defender for Endpoint, known as Microsoft Secure Score for Devices)
  • App (電子郵件和雲端 App,包括 Office 365 和 Microsoft 雲端 App 安全性) App (email and cloud apps, including Office 365 and Microsoft Cloud App Security)

注意

在最新發佈的 Microsoft 安全分數中,已推出改良的計分模型,讓 Microsoft 安全分數暫時與身分識別安全分數和圖形 API 不相容。In the recent release of Microsoft Secure Score, an improved scoring model has been released which made Microsoft Secure Score temporarily incompatible with Identity Secure Score and the Graph API. 檢視詳細資料View details

在 Microsoft 安全分數概觀頁面中,查看在這些群組中分數的分配與可用的分數。In the Microsoft Secure Score overview page, view how points are split between these groups and what points are available. 您也可以全面查看總計分數、安全分數的歷史趨勢和基準比較,以及可採取哪些改進動作來改進分數的優先順序。You can also get an all-up view of the total score, historical trend of your secure score with benchmark comparisons, and prioritized improvement actions that can be taken to improve your score.

安全分數首頁

檢查您目前的分數Check your current score

若要檢查您目前的分數,請前往 Microsoft 安全分數概觀頁面,並尋找顯示您安全分數 的磚To check on your current score, go to the Microsoft Secure Score overview page and look for the tile that says Your secure score. 您的分數會以百分比顯示,以及您可能在總計可能分數中已成就的點數。Your score will be shown as a percentage, along with the number of points you've achieved out of the total possible points.

此外,如果您選取分數旁邊的包含按鈕,您可以選擇不同的分數視圖。Additionally, if you select the Include button next to your score, you can choose different views of your score. 這些不同的分數視圖會顯示在分數磚和點分解圖的圖形中。These different score views will display in the graph on the score tile and the point breakdown chart.

以下是您可以加到您整體分數的視圖中的分數,以更完整地瞭解整體分數:The following are scores you can add to your view of your overall score to give you a fuller picture of your overall score:

  • 計畫分數:完成計畫的動作時顯示預計的分數Planned score: Show projected score when planned actions are completed
  • 目前的授權分數:顯示目前的 Microsoft 授權可以達到的分數Current license score: Show score that can be achieved with your current Microsoft license
  • 可成就的 分數:顯示能與 Microsoft 授權和目前風險接受度一起達成的成績Achievable score: Show score that can be achieved with your Microsoft licenses and current risk acceptance

如果您已經包含所有可能的分數視圖,此視圖看起來會像這樣:This view is what it will look like if you've included all possible score views:

您的安全分數,包括計畫分數、目前的授權分數和可達成的成績

採取動作以改善您的分數Take action to improve your score

改進 動作按鈕 會列出能解決可能攻擊面的安全性建議。The Improvement actions tab lists the security recommendations that address possible attack surfaces. 它也包括其狀態 (位址、計畫、接受的風險、透過協力廠商解決、透過替代的風險降低和已完成) 。It also includes their status (to address, planned, risk accepted, resolved through third party, resolved through alternate mitigation, and completed). 您可以搜尋、篩選及分組所有改進動作。You can search, filter, and group all the improvement actions.

排名Ranking

排名是根據要達到的點數、執行困難、使用者影響和複雜度來計算。Ranking is based on the number of points left to achieve, implementation difficulty, user impact, and complexity. 排名最高的改進動作有大量的剩餘點數,其困難度、使用者影響和複雜度都較低。The highest ranked improvement actions have a large number of points remaining with low difficulty, user impact, and complexity.

查看改進動作詳細資料View improvement action details

當您選取特定的改進動作時,會出現一個完整頁面飛出視窗。When you select a specific improvement action, a full page flyout appears.

改進動作飛出顯示範例

若要完成動作,您有幾個選項:To complete the action, you have a few options:

  • 選取 管理 以前往組選畫面,然後進行變更。Select Manage to go the configuration screen and make the change. 接著,您就會獲得動作值得一讀的點數,顯示在飛出飛出中。點數更新通常約需要 24 小時。You'll then gain the points that the action is worth, visible in the fly out. Points generally take about 24 hours to update.

  • 選取 共用 以複製改進動作的直接連結。Select Share to copy the direct link to the improvement action. 您也可以選擇共用連結的平臺,例如電子郵件、Microsoft Teams、Microsoft Planner 或 ServiceNow。You can also choose the platform to share the link, such as email, Microsoft Teams, Microsoft Planner, or ServiceNow. 選取 ServiceNow 將讓您建立在 ServiceNow 和 Microsoft 365 資訊安全中心首頁中可見的變更票證。Selecting ServiceNow will let you create a change ticket that will be visible in ServiceNow and the Microsoft 365 security center home. 若要深入瞭解,請參閱 Microsoft 365 資訊安全中心與 ServiceNow 整合To learn more, see Microsoft 365 security center and ServiceNow integration.

新增 事以追蹤進度或您想要新增批註的任何專案。Add Notes to keep track of progress or anything else you want to comment on. 如果您在 改進動作中 加入自己的標記,您可以根據這些標記進行篩選。If you add your own tags to the improvement action, you can filter by those tags.

選擇改進動作狀態Choose an improvement action status

選擇任何改進動作的特定狀態並記錄附注。Choose any statuses and record notes specific to the improvement action.

  • 解決 - 您瞭解改進動作是必要的,並計畫在未來某一點解決。To address - You recognize that the improvement action is necessary and plan to address it at some point in the future. 此狀態也適用于偵測為部分完成但尚未完成的動作。This state also applies to actions that are detected as partially, but not fully completed.
  • 已規劃 - 有具體的計畫可完成改進動作。Planned - There are concrete plans in place to complete the improvement action.
  • 接受的風險 - 安全性應一定會與可用性保持平衡,而並非每個建議都適用于您的環境。Risk accepted - Security should always be balanced with usability, and not every recommendation will work for your environment. 在這種情況下,您可以選擇接受風險或其餘風險,而不是增加改進動作。When that is the case, you can choose to accept the risk, or the remaining risk, and not enact the improvement action. 您將不會獲得任何點數,但改進動作清單中將不會再顯示該動作。You won't be given any points, but the action will no longer be visible in the list of improvement actions. 您可以在歷程記錄中查看此動作,或隨時復原。You can view this action in history or undo it at any time.
  • 透過協力廠商解決****並透過替代 風險降低方式解決 - 協力廠商應用程式或軟體或內部工具已經解決改進動作。Resolved through third party and Resolved through alternate mitigation - The improvement action has already been addressed by a third-party application or software, or an internal tool. 您將獲得值得執行的動作分數,這樣您的分數就更能夠反映整體的安全性表現。You'll gain the points that the action is worth, so your score better reflects your overall security posture. 如果協力廠商或內部工具已不再涵蓋該控制項,您可以選擇其他狀態。If a third party or internal tool no longer covers the control, you can choose another status. 請記住,如果改進動作標示為這些狀態之一,Microsoft 將完全無法看到完整的執行。Keep in mind, Microsoft will have no visibility into the completeness of implementation if the improvement action is marked as either of these statuses.

威脅&弱點管理改進動作Threat & vulnerability management improvement actions

對於「裝置」類別中的改進動作,您無法選擇狀態。For improvement actions in the "Device" category, you can't choose statuses. 相反地,系統將會將您導向 Microsoft Defender 資訊安全中心的相關威脅和弱點管理安全性建議以採取行動。Instead, you'll be directed to the associated threat and vulnerability management security recommendation in the Microsoft Defender Security Center to take action. 您選擇和理由的例外會限制于該入口網站。The exception you choose and justification you write will be specific to that portal. 它不會在 Microsoft 安全分數入口網站中。It won't be present in the Microsoft Secure Score portal.

已完成的改進動作Completed improvement actions

一旦完成改善動作的所有可能重點後,改進動作會進入「已完成」狀態。Improvement actions have a "completed" status once all possible points for the improvement action have been achieved. 已完成的改進動作雖然 Microsoft 資料已確認,但您無法變更狀態。Completed improvement actions are confirmed though Microsoft data, and you can't change the status.

評估資訊並評論使用者影響Assess information and review user impact

名為快速 流覽的區 段會告訴您類別、可防範的攻擊以及產品。The section called At a glance will tell you the category, attacks it can protect against, and the product.

如果使用者 有改進行動,使用者的影響會受到影響,而受影響的使用者會受到影響。 User impact is what the users will experience if the improvement action is enacted, and Users affected are the people who will be impacted.

執行改進動作Implement the improvement action

The Implementation section shows any prerequisites, step-by-step next steps to complete the improvement action, the current implementation status of the improvement action, and any learn more links.The Implementation section shows any prerequisites, step-by-step next steps to complete the improvement action, the current implementation status of the improvement action, and any learn more links.

先決條件包括解決改進動作之前需要的任何授權或需完成的動作。Prerequisites include any licenses that are needed or actions to be completed before the improvement action is addressed. 請確定您的授權中有足夠的座位以完成改進動作,而且這些授權已套用至必要的使用者。Make sure you have enough seats in your license to complete the improvement action and that those licenses are applied to the necessary users.

我們想知道您的想法We want to hear from you

如有任何問題,請張貼在安全性、隱私權和合規性& 告訴我們If you have any issues, let us know by posting in the Security, Privacy & Compliance community. 我們正在監控社群,並且會為您提供協助。We're monitoring the community and will provide help.