Security Scores

Description

Security scores are automatically calculated and presented with a name and color.

Good indicates that everything is fine and further attention is not needed

Fair indicates that something might be wrong and attention is advised

Poor indicates that something is wrong and action is required

image-20240503-063856.png

How security scores are calculated

Antivirus

If the antivirus engine is not running, the security score is Poor

If the antivirus engine is running, but the virus definition updates are not up to date, the security score is Fair

If the antivirus engine is running, and the virus definition updates are up to date, the security score is Good

If the necessary information cannot be collected, the security score is None

Drivers

If the hardware model is supported and the drivers are up to date, the security score is Updated

If the hardware model is supported and the drivers are not up to date, the security score is Outdated

If the hardware model is not supported or necessary information is missing, the security score is None *

Drivers are matched against the repository with driver packs provided by CapaOne Drivers and are only shown on the Security Summary dashboard

Encryption

If the boot drive is not encrypted, the security score is Poor

If the boot drive is encrypted, and no data drives exists, the security score is Good

If the boot drive is encrypted, but one or more data drives are not encrypted, the security score is Fair

If the boot drive is encrypted, and all data drives are encrypted, the security score is Good

If the necessary information cannot be collected, the security score is None

Drive lock status does not effect the security score

Firewall

If a network connection is connected, and the software firewall is not active, the security score is Poor

If a network connection is connected, and the software firewall is active, the security score is Good

If the necessary information cannot be collected, the security score is None

Local Administrators

It’s not possible to calculate a security score based on the number of local administrators on endpoints.

Instead, the number of local administrators on each endpoint is shown.

Pending Reboot

If no reboots are pending, the security score is Good

If a reboot is pending, the security score depends on the reboot severity.

  • Blocks other installations = Fair

  • Security patches awaits activation = Fair

  • Computer has been renamed = Poor

  • The computer awaits domain join = Poor

If the necessary information cannot be collected, the security score is None

Software

If an installed application is supported and up to date, the security score is Updated

If an installed application is supported but not up to date, the security score is Outdated

If the necessary information cannot be collected, the security score is None

Software is matched against the repository with applications provided by CapaOne Updater and is only shown on the Security Summary dashboard

Windows Update

If an update is installed, the security score is Good

If an updates is not installed, and the update is optional, the security score is Good

If an update is not installed, and a CVE article is linked to the update, the security score is Poor

If an update is not installed, and the update is not optional, and a CVE article is not linked, the security score depends on the MSRC Severity Rating

  • Critical or Important = Poor

  • Moderate, Low or None = Fair

If the necessary information cannot be collected, the security score is None


Recommendations

In general, higher security scores indicates a more secure system. A security score of Good indicates that the system is well-protected, while a security score of Poor indicates that the system is more vulnerable to attacks.

Here are some recommendations to improve security scores :

  • Keep the antivirus software up to date

  • Encrypt all hard drives

  • Enable the software firewall

  • Limit the number of local administrators

  • Reboot regularly

  • Install available Windows updates

By following the recommendations, security scores can be improved and make the system less vulnerable to attacks!

 

 

 

Â