Forum Discussion
MicrosoftAnnouncement: Office 365 Secure Score Released to Public Preview
Another issue with Secure Score.
"You should require that all of your users reset their password at least every 60 days"
This is no longer current best practice where strong passphrases and 2FA are used since more rapid enforced change of passwords leads to the use of weaker ones.
403
Sorry! Access denied :(
You don't have permission to open this page. If you're a new user or were recently assigned credentials, please wait 15 minutes and try again.
Anyone else seeing this?
Same thing is happened to me. I'm not a global admin.
Does anyone know what's the minimum access required to access this feature?
wrote:
Unable to access this, I get the following:
403
Sorry! Access denied :(
You don't have permission to open this page. If you're a new user or were recently assigned credentials, please wait 15 minutes and try again.
Anyone else seeing this?I have the same problem
403
Sorry! Access denied :(
Chris Roberts wrote:
Unable to access this, I get the following:
403
Sorry! Access denied :(
You don't have permission to open this page. If you're a new user or were recently assigned credentials, please wait 15 minutes and try again.
Anyone else seeing this?- BrandonKoeller
Hey Anil,
Are you setup as some kind of admin in the tenancy in question? You'll need to be an admin to get access.
Thanks!
Brandon Koeller
- Thanks Brandon for quick response. I understand now how it works. I am following your video posted here. very useful :)
my interest is more towards understand the impact of Skype for business online related to secure score.
for example, if we enable federation with another organization or if any parameters / policies such as allowing file share or allowing app share etc in skype , will it impact the overall secure score?
interested in learning more architectural parameters related to secure score, which will help me with right conversations with customers and partners on this subject..
thanks for your help
- BrandonKoeller
Hey Chris,
Sorry for the trouble. The most likely cause is that the acocunt you are using has not been assigned the global administrator role. The Secure Score requires that privilege level at the moment.
Thanks!
Brandon Koeller
- InfoSec teams who'd find securescore useful for GRC purposes wouldnt want or shouldn't get the permission required to access it. Segregation of roles associated with access to this kind of functionality would be v useful.
- BrandonKoeller
Hey John,
Thanks for the feedback. So, the way the access model is implemented users of the tool are only able to perform actions that align with their assigned role. So, if a control requires global admin permissions and the user is assigned an Exchange Online Admin role, they won't be able to make the change. This leaves some roles such as Security Administrator as functionally read-only roles. Most of the read-only state and configuration data is already accessible to all those roles anyway (although it would take more work to get the state data). We tried to strike a balance between exposure of the recommendations to the right set of company stakeholders while respecting the constraints of their assigned roles.
Thanks!
Brandon Koeller
Thanks for the reply, however I'm using my account and I am a global administrator.
