Security Scores
Description
Security scores are automatically calculated and presented with a name and color.
Good indicates that everything is fine and further attention is not needed
Fair indicates that something might be wrong and attention is advised
Poor indicates that something is wrong and action is required
How security scores are calculated
Antivirus
If the antivirus engine is not running, the security score is Poor
If the antivirus engine is running, but the virus definition updates are not up to date, the security score is Fair
If the antivirus engine is running, and the virus definition updates are up to date, the security score is Good
If the necessary information cannot be collected, the security score is None
Drivers
If the hardware model is supported and the drivers are up to date, the security score is Updated
If the hardware model is supported and the drivers are not up to date, the security score is Outdated
If the hardware model is not supported or necessary information is missing, the security score is None *
Drivers are matched against the repository with driver packs provided by CapaOne Drivers and are only shown on the Security Summary dashboard
Encryption
If the boot drive is not encrypted, the security score is Poor
If the boot drive is encrypted, and no data drives exists, the security score is Good
If the boot drive is encrypted, but one or more data drives are not encrypted, the security score is Fair
If the boot drive is encrypted, and all data drives are encrypted, the security score is Good
If the necessary information cannot be collected, the security score is None
Drive lock status does not effect the security score
Firewall
If a network connection is connected, and the software firewall is not active, the security score is Poor
If a network connection is connected, and the software firewall is active, the security score is Good
If the necessary information cannot be collected, the security score is None
Local Administrators
It’s not possible to calculate a security score based on the number of local administrators on endpoints.
Instead, the number of local administrators on each endpoint is shown.
Pending Reboot
If no reboots are pending, the security score is Good
If a reboot is pending, the security score depends on the reboot severity.
Blocks other installations = Fair
Security patches awaits activation = Fair
Computer has been renamed = Poor
The computer awaits domain join = Poor
If the necessary information cannot be collected, the security score is None
Software
If an installed application is supported and up to date, the security score is Updated
If an installed application is supported but not up to date, the security score is Outdated
If the necessary information cannot be collected, the security score is None
Software is matched against the repository with applications provided by CapaOne Updater and is only shown on the Security Summary dashboard
Windows Update
If an update is installed, the security score is Good
If an updates is not installed, and the update is optional, the security score is Good
If an update is not installed, and a CVE article is linked to the update, the security score is Poor
If an update is not installed, and the update is not optional, and a CVE article is not linked, the security score depends on the MSRC Severity Rating
Critical or Important = Poor
Moderate, Low or None = Fair
If the necessary information cannot be collected, the security score is None
Recommendations
In general, higher security scores indicates a more secure system. A security score of Good indicates that the system is well-protected, while a security score of Poor indicates that the system is more vulnerable to attacks.
Here are some recommendations to improve security scores :
Keep the antivirus software up to date
Encrypt all hard drives
Enable the software firewall
Limit the number of local administrators
Reboot regularly
Install available Windows updates
By following the recommendations, security scores can be improved and make the system less vulnerable to attacks!
Â
Â
Â
Â