Damir
Brass Contributor
May 19, 2023

Secure Score and New Intune Category Additions

Hello,

Our Secure Score added several Intune-related items at the end of April 2023. Items such as "require screen time lockout", "require device encryption", "block jail broken devices", "require device PIN", etc. Simple stuff. Items that we already had set up via Intune compliance policies and config profiles for years.

The problem is that the recommendations are not reflecting or updating based on our setup, so we are not getting completion credit for items that are already set up. Worse yet, if I manually edit one of these new-to-us Intune recommendations and mark it as mitigated through alternate, it saves, and then on page reload the change is immediately lost.

We have been using Intune for several years, so I assume these recommendations did not show up due to any "new" changes or services added on our end.

Is this a bug or is there something wrong with our tenant? If so, is there a contact address to reach out to that anyone can suggest?

Thanks

  • MzPhoenix
    Copper Contributor

    Damir 

    Per the Secure Score update blog at https://learn.microsoft.com/en-us/microsoft-365/security/defender/microsoft-secure-score-whats-new?view=o365-worldwide#april-2023

    This was an intended change for all tenancies with an active "Defender for Cloud Apps" license. Can confirm these new controls are only present in tenancies with this license as I have a mix of customers with and without it.

    I can't for the life of me comprehend why so many "Intune" items were put under a "Defender for Cloud Apps" requirement since in theory you could have Defender for Cloud Apps WITHOUT an active Intune license and/or using/enrolling any devices in Intune.

    Furthermore, from my testing these items are completely broken at the moment. Their "Implementation" information is laughable and getting credit for them is incredibly inconsistent. At the moment I am recommending to my team we mark all of them as "Alternate Mitigation" and move on with our lives.

    It's an embarrassment that this half-baked update was pushed to production. Microsoft should pull this back and fix all of these.

    • Damir
      Brass Contributor

      MzPhoenix, that is good to know that something did change and it wasn't just us imagining things. Agree on all your points, and yes, we've gone down the Alternate Mitigation route ourselves as a "solution".

    • Urvi_Lad
      Copper Contributor
      Yes, we have the same issue. I have opened a case with MS Defender support twice, but no correct and satisfactory answer has been received yet.
  • ltfalconius
    Copper Contributor

    Damir we experience the exact same issue with the newly added actions.

    I opened up a service request for that already: 2305161420000166

    • dbarcelona
      Copper Contributor
      I'm observing the same issue and would be interested in learning about any resolution you receive.

      Thanks
      • Damir
        Brass Contributor
        I too opened a ticket and sent over some details to support with examples of what is going on yesterday, but no feedback/resolution yet.
