check before: 2025-01-15
Product:
Defender, Defender for Identity, Defender XDR, Entra
Platform:
Online, US Instances, World tenant
Status:
Change type:
Feature update, User impact, Admin impact
Links:
Details:
Summary:
Microsoft Secure Score will update with new Microsoft Defender for Identity recommendations to better reflect security posture. Two new recommendations are being added for Entra Connect accounts, which will affect the Secure Score. Rollouts begin mid-January 2025 for Public Preview and mid-February 2025 for General Availability. No admin action is required for the update.
Details:
We're updating Microsoft Secure Score improvement actions of Microsoft Defender for Identity to ensure a more accurate representation of security posture. With this rollout, we are adding two new Microsoft Defender for Identity posture recommendations regarding Entra Connect accounts that will be added as Microsoft Secure Score improvement actions:
Remove unsafe permissions on Microsoft Entra Connect accounts
Replace Enterprise or Domain Admin Account for AD DS (Active Directory Domain services) Connector account
Your score will be updated accordingly.
[When this will happen:]
Public Preview: We will begin rolling out mid-January 2025 and expect to complete by late January 2025.
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out mid-February 2025 and expect to complete by late February 2025.
Note: To provide the recommendation as quickly as possible, we will introduce it to your environment at the earliest opportunity, rather than on the regular monthly schedule.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2024-12-27
updated:
2024-12-27
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft is enhancing its Secure Score by adding new recommendations focused on Entra Connect accounts, including removing unsafe permissions and replacing high-level admin accounts with more secure options, with these updates automatically rolling out in January 2025.
Direct effects for Operations**
Change in Security Posture Representation
The introduction of new recommendations may lead to a sudden change in the organization's security posture as reflected in the Microsoft Secure Score, potentially causing confusion among users and admins regarding their security status.
- roles: IT Admin, Security Officer
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-defender-for-identity-new-recommendations-for/ba-p/3851230
User Awareness and Training Needs
With the new recommendations, users may need additional training or awareness regarding the changes in security practices, which could lead to temporary disruptions in their workflow if not properly communicated.
- roles: End User, IT Support
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-defender-for-identity-new-recommendations-for/ba-p/3851230
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 4 weeks ago