Search

MC574388 – (Updated) Microsoft Secure Score is Adding New Improvement Actions (archived)

Microsoft Exchange Logo

check before: 2023-06-21

Product:

Azure Active Directory, Defender, Defender for Identity, Defender for Office 365, Entra, Entra ID, Exchange, LinkedIn, Microsoft 365 Defender, OneDrive, Purview Information Protection, SharePoint

Platform:

Online, World tenant

Status:

Change type:

Admin impact, Feature update, Updated message, User impact

Links:

Details:

Updated June 30, 2023: Based on customer feedback we have updated the recommendations listed. Thank you for your feedback.
We are updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.
[When this will happen:]
Rollout will begin in mid-July (previously mid-June) and is expected to be complete by late July (previously late June).

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2023-06-07

updated:
2023-07-01

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2023-07-01MC MessagesUpdated June 20, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.
[When this will happen:]
Rollout will begin in mid-July (previously mid-June) and is expected to be complete by late July (previously late June).
Updated June 30, 2023: Based on customer feedback we have updated the recommendations listed. Thank you for your feedback.
We are updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.
[When this will happen:]
Rollout will begin in mid-July (previously mid-June) and is expected to be complete by late July (previously late June).
2023-07-01MC How AffectThe following Microsoft Defender for Identity recommendations will be added as Microsoft Secure Score improvement actions:
Recommend customers without an active workspace and reporting sensors to start the onboarding
Accounts with password set to never expire
Suspicious accounts with Admin SDHolder permission
Accounts with password older than 180 days
Non-admin accounts with DCSync permissions
Local admins on identity assets
The following existing Microsoft Defender for Identity recommendations has been updated:
Resolve unsecure account attributes - added the ‘SPN Set’ attribute has unsecure account attribute.
Remove dormant accounts from sensitive groups - dormant account now defined as account who didn’t perform logon activity for more than 90 days (was 180).
The following new Microsoft Information Protection recommendation will be added as Microsoft Secure Score improvement action:
Ensure Microsoft 365 audit log search is enabled
The following new Exchange Online recommendation will be added as Microsoft Secure Score improvement actions:

Ensure modern authentication for Exchange Online is enabled
Ensure MailTips are enabled for end users
The following new Azure Active Directory recommendations will be added as Microsoft Secure Score improvement actions:

Ensure that password protection is enabled for Active Directory
Ensure that LinkedIn contact synchronization is disabled
In order to view those new controls, Office 365 connector in Microsoft defender for cloud apps must be toggled on via the App connectors settings page.
The following SharePoint new recommendations will be added as Microsoft Secure Score improvement actions:
Block OneDrive for Business sync from unmanaged devices
Ensure document sharing is being controlled by domains with whitelist or blacklist
In order to view those new controls, Office 365 connector in Microsoft defender for cloud apps must be toggled on via the App connectors settings page.
The following Google workspace recommendation will be added as Microsoft Secure Score improvement actions:
Enable multi-factor authentication (MFA)
In order to view this new control, Google workspace connector in Microsoft defender for cloud apps must be configured via the App connectors settings page.
We have updated the Secure Score improvement action for the following Microsoft Defender for Office 365 recommendation:
Set action to take on bulk spam detection -Currently, you receive points by configuring this recommendation and choosing the action "MoveToJMF". From today, you'll also receive points when you choose the "Quarantine" action.
The following Microsoft Defender for Identity recommendations will be added as Microsoft Secure Score improvement actions:
Remove the attribute 'password never expires' from accounts in your domain
Remove access rights on suspicious accounts with the Admin SDHolder permission
Manage accounts with passwords more than 180 days old
Remove local admins on identity assets
Remove non-admin accounts with DCSync permissions
Start your Defender for Identity deployment, installing Sensors on Domain Controllers and other eligible servers
The following Google workspace recommendation will be added as Microsoft Secure Score improvement actions:
Enable multi-factor authentication (MFA)
In order to view this new control, Google workspace connector in Microsoft defender for cloud apps must be configured via the App connectors settings page.
We have updated the Secure Score improvement action for the following Microsoft Defender for Office 365 recommendation:
Set action to take on bulk spam detection -Currently, you receive points by configuring this recommendation and choosing the action "MoveToJMF". From today, you'll also receive points when you choose the "Quarantine" action.
2023-07-01MC Last Updated06/20/2023 18:51:002023-06-30T18:51:38Z
2023-06-21MC MessagesWe are updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.
[When this will happen:]
Rollout will begin in mid-June 2023 and is expected to be complete by late June 2023.
Updated June 20, 2023: We have updated the rollout timeline below. Thank you for your patience.
We are updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture.
[When this will happen:]
Rollout will begin in mid-July (previously mid-June) and is expected to be complete by late July (previously late June).
2023-06-21MC TitleMicrosoft Secure Score is Adding New Improvement Actions(Updated) Microsoft Secure Score is Adding New Improvement Actions
2023-06-21MC Last Updated06/07/2023 01:20:262023-06-20T18:51:00Z
2023-06-21MC MessageTagNamesFeature update, User impact, Admin impactUpdated message, Feature update, User impact, Admin impact
2023-06-21MC End Time07/31/2023 09:00:002023-09-04T09:00:00Z

*starting April 2022

Last updated 6 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!