Forum Discussion

akiraasano's avatar
akiraasano
Copper Contributor
Dec 28, 2021

Secure Score dropped from 78% to 73%

I have been creating policies and recommendation policies thru PowerShell, Intune Management and all other security recommendations. Secure score updates every 24hrs and would need to clear your cache to show the updated score (MS support advised this). I have reached it to 78% but then after a few days it went down to 73% for some reason. I am pretty sure that the policies have bee applied successfully and was able to check the status via system logs as well.

 

I'm currently talking to a MS support but they said that when creating MS Intune policies, this doesn't add score hence it also reduces the score?

  • IvoMaas140's avatar
    IvoMaas140
    Brass Contributor
    I've seen this happen before. Actually secure score looks at what you currently have in use and then sees if you have configured the appropiate settings to protect your environment. For example if you use exchange online, have you configured Advanced threat protection features and anti-spam features.

    However what i usually see happening, is one of the following:
    1. a new feature has been released. This is made available in your environment. As you have not made any configurations in your environment, the score drops on a security level.
    2. you have added a high level of licenses. For example e-3 and add some e-5 licenses. This way new features become available.
    3. secure score doesn't take into account if you use 3rd party tools to protect certain aspects of your environment. so you need to descope those topics/items from your secure score.
    4. Some secure score topics are about processing logs. if you do not do this on a timely basis, this will drop again.
    5. Microsoft did a revision of their secure score topics. For example is nist or cis comes out with new regulations and standards, there is a good chance the microsoft secure score will also be adjusted.

    just remember 2 things:
    1. it's not about getting the highest score possible. It's about getting security to work for you and to match your business objectives. Nobody achieves a 100% secure score. Hence it shouldn't even be a goal.
    2. Security is ever changing. Keep this in mind. What you configure today, may be outdated tomorrow. Adapt on this.

Resources