check before: 2024-07-01
Product:
Defender, Defender for Identity, Defender XDR
Platform:
US Instances, World tenant
Status:
Change type:
Feature update, Admin impact
Links:
Details:
Summary:
The Microsoft Secure Score improvement action for Microsoft Defender for Identity is being updated to better reflect security posture. The recommendation to manage accounts with passwords older than 180 days will be removed from the UI, with the score adjusted accordingly. Rollout starts mid-July 2024, no admin action needed.
Details:
We're updating the Microsoft Secure Score improvement action of Microsoft Defender for Identity (MDI) to ensure a more accurate representation of security posture.
As part of this update, we will gradually withdraw the MDI recommendation on Manage accounts with passwords more than 180 days old.
We are working to refine the security assessment report, ensuring it aligns more accurately with recommended policies and enhances the overall security value.
[When this will happen:]
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out in mid-July 2024 and expect to complete by mid-August 2024.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2024-06-27
updated:
2024-08-10
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
Direct effects for Operations**
- Direct Impact on IT Operations
- Removal of the recommendation to manage accounts with passwords older than 180 days
- Potential increase in security risks if users continue to use outdated passwords, leading to possible unauthorized access.
- Roles impacted: Security Administrators, IT Operations Managers
- Adjustments in security monitoring and reporting processes may be required to reflect the new scoring system.
- Roles impacted: IT Security Analysts, Compliance Officers
- Direct Impact on IT Services and Users
- Changes in Microsoft Secure Score metrics and reporting
- Users may perceive a decline in their security posture if they do not understand the rationale behind the score adjustment, potentially leading to confusion or lack of trust in security measures.
- Roles impacted: End Users, IT Support Staff
- Documentation and training materials may need to be updated to reflect the new recommendations and scoring criteria, which could temporarily disrupt user training sessions or onboarding processes.
- Roles impacted: IT Trainers, Documentation Specialists
References:
- Microsoft Secure Score documentation: [Microsoft Secure Score](https://docs.microsoft.com/en-us/microsoft-365/security/defender/secure-score?view=o365-worldwide)
- Microsoft Defender for Identity overview: [Microsoft Defender for Identity](https://docs.microsoft.com/en-us/defender-for-identity/defender-for-identity)
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 months ago