cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Secure score doesn't score if utilized via CA

Niklas Jern
Copper Contributor

‎Sep 08 2019 04:41 AM

‎Sep 08 2019 04:41 AM

Secure score doesn't score if utilized via CA

Hi,

 

Is it just me or is the secure score not scoring something that is implement it it being utilized via Conditional Access?

For example 'Require MFA for Azure AD privleged roles', we are using Condtional Access on all the admin roles. We still haven't score full points on this one.

 

Regards

 

1,093 Views
1 Like
4 Replies
Reply
4 Replies
Thomas Garrity

‎Sep 11 2019 01:17 PM

‎Sep 11 2019 01:17 PM

Re: Secure score doesn't score if utilized via CA

@Niklas Jern  you could use Azure AD's PIM so that you don't have any persistent global admins.  If you don't have persistent global admins, then there's nothing for the score reporting service to check against for ensuring that your global admins are MFA-protected.  That may end up getting you the score that you're after.

0 Likes
Reply
Niklas Jern

‎Sep 12 2019 08:46 AM

‎Sep 12 2019 08:46 AM

Re: Secure score doesn't score if utilized via CA

@Thomas Garrity The problem isn't the amount of GA. The issue is that Secure Score doesn't score properly when you have fulfilled the task via CA

0 Likes
Reply
Thomas Garrity

‎Sep 14 2019 02:31 PM

‎Sep 14 2019 02:31 PM

Re: Secure score doesn't score if utilized via CA

@Niklas Jernyou might be missing my point.  If you have 0 GA's, then maybe you get a full score because therefore none of your GA's would fall into the category of not being forced to MFA, since you don't have any GA's.

 

I believe it's worth a shot.  It doesn't hurt to spin up a trial instance to test it out...

0 Likes
Reply
Niklas Jern

‎Sep 15 2019 05:27 AM

‎Sep 15 2019 05:27 AM

Re: Secure score doesn't score if utilized via CA

@Thomas Garrity I get it, it might work with this work around . But it still doesn't fix that the secure score is broken. + PIM is an E5 functionality, that doesn't help either 

0 Likes
Reply