MC408438 – Microsoft Secure Score is adding new improvement actions for Information Protection and anti-spam policies

cloudscout.one Icon

check before: 2022-08-16

Product:

Defender, Microsoft 365 Defender, Purview, Purview Communication Compliance, Purview Data Loss Prevention, Purview Information Protection

Platform:

World tenant

Status:

Change type:

Feature update, Admin impact

Links:

Details:

We’re updating Microsoft Secure Score improvement actions to ensure a more accurate representation of your organization’s security posture.
This update will include these new recommendations as Microsoft Secure Score improvement actions:
Information Protection
Extend M365 sensitivity labeling to assets in Azure Purview data map
Ensure Auto-labeling data classification policies are setup and used
Publish M365 sensitivity label data classification policies
Create Data Loss Prevention (DLP) policies
Anti-spam - Inbound policy
Set the email bulk complaint level (BCL) threshold to be 6 or lower
Set action to take on spam detection
Set action to take on high confidence spam detection
Set action to take on phishing detection
Set action to take on high confidence phishing detection
Set action to take on bulk spam detection
Retain spam in quarantine for 30 days
Ensure spam safety tips are enabled
Ensure that no sender domains are allowed for anti-spam policies. This new recommendation will replace “Ensure that there are no sender domains allowed for Anti-spam policies”. This improvement will now also ensure that no specific senders as well as sender domains are allowed for anti-spam policies.
Anti-spam - Outbound policy
Set maximum number of external recipients that a user can email per hour
Set maximum number of internal recipients that a user can send to within an hour
Set a daily message limit
Block users who reached the message limit
Set Automatic email forwarding rules to be system controlled
Anti-spam - Connection filter
Don't add allowed IP addresses in the connection filter policy
We will continue to add suggested security improvement actions on an ongoing basis.
[When this will happen:]
This roll out will start in mid-August and be completed by the end of August.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2022-08-04

updated:
2022-08-04

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


Login to your account

Welcome Back, We Missed You!