cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Secure Score and preset security policies

RRELS15
Copper Contributor

‎Sep 22 2022 02:24 AM - edited ‎Sep 22 2022 03:38 AM

‎Sep 22 2022 02:24 AM - edited ‎Sep 22 2022 03:38 AM

Secure Score and preset security policies

Dear community members,

I have a 365 tenant with Business Standard and Defender for Office P1 licenses.

At the moment, Secure Score for this tenant is ~50%, even though Standard Protection preset policy is applied to all recipients.

If I also manually create all the different policies, Secure Score jumps to ~80%, however to my understanding this is purely cosmetic as these policies never get applied - the preset policy always take precedence.

Am I missing anything here, or Secure Score ignores preset policies?

 

EDIT:

One more example for this issue is that in Recommended Actions there are recommendations to enable Safe Links and Safe Attachments, which are already enabled by Standard Protection.

3,188 Views
0 Likes
6 Replies
Reply
6 Replies
RRELS15

‎Sep 25 2022 02:26 AM

‎Sep 25 2022 02:26 AM

Re: Secure Score and preset security policies

Anyone?... Are Microsoft Communities/Answers still alive?...
0 Likes
Reply
TomDufour

‎Oct 03 2022 08:50 AM - edited ‎Oct 03 2022 08:53 AM

‎Oct 03 2022 08:50 AM - edited ‎Oct 03 2022 08:53 AM

Re: Secure Score and preset security policies

I'm seeing the same behavior currently, adding my experience hoping someone has some insight here.

We've enable the standard protection policy for all recipients as of 9/30/22 and still are not seeing any points gained in the recommended actions the standard protection policy should cover, such as safe links/attachments and impersonated user/domain actions. I've seen many reports of the score updating being delayed, but I would expect it to be reflected by now. We've also confirmed policies are in effect for users manually so not a case of it being incorrectly applied. The security score "scanning" is still occurring at 8pm each day as well, just not catching and updating our score on policies added by the standard policy. @RRELS15 

1 Like
Reply
ADM_TOR

‎Oct 14 2022 01:46 PM

‎Oct 14 2022 01:46 PM

Re: Secure Score and preset security policies

I'm seeing the same thing with secure score not representing my settings via preset security policy. 

 

The number one top ranking secure score item in my tenant is "Create Safe Links policies for email messages " Implementation status: 100% of users aren’t affected by policies set from the following domains.... I have configured "Preset Security Policy" to "apply Protection to" "All Recipients". 

I have confirmed that Safelinks and Safe Attachments are defiantly working, I have seen it working and I have viewed the logs. 

 

I followed this guide to confirm that Standard Preset Security Policy is Enabled https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/preset-security-policie...

 

I recently saw a sharp dip in our secure score. 

I found this Message Centre MC429465 message about Secure score changes. 
 
it says the following items will now be scored in the secure score calculation:
  • Set the phishing email level threshold at 2 or higher
  • Enable impersonated user protection
  • Enable impersonated domain protection
  • Ensure that mailbox intelligence is enabled
  • Ensure that intelligence for impersonation protection is enabled
  • Quarantine messages that are detected from impersonated users
  • Quarantine messages that are detected from impersonated domains
  • Move messages that are detected as impersonated users by mailbox intelligence
  • Enable the ‘show first contact safety tip’ option
  • Enable the user impersonation safety tip
  • Enable the domain impersonation safety tip
  • Enable the user impersonation unusual characters safety tip
my understanding of the following link tells me that a lot of these settings should be set by the Standard Preset Security PolicyMicrosoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Micro...

 

It looks to me like the Standard Preset Security Policy is on, the settings are configured, but Secure Score is not reflecting that they are set, even after weeks since the Standard Preset Security Policy was set to protect "All Recipients" . 
 

I raised a case with Office365 Support to be sure that I had not made a misconfiguration and with the help of support was able to confirm that my settings were correct. 

Personally I do not like to see the low secure score number i am seeing but I'm not worried about it because I have checked my settings are valid and are working. 

 

Also, you i believe you are correct in what you said about Order of precedence for preset security policies and other policies. I had Custom policies for safe links and safe attachments, but I turned them off because Preset Security Policy was handling the settings. My Secure Score points regressed to 0 for these items once the custom policy was off. 

 

@RRELS15 

1 Like
Reply
RRELS15

‎Oct 19 2022 01:37 AM

‎Oct 19 2022 01:37 AM

Re: Secure Score and preset security policies

@ADM_TOR Thank you for your reply,

As you said - it's a purely cosmetic issue, but an annoying one. Microsoft Feedback team has contacted me and I provided them some additional information, I hope this will be resolved sometimes in the near future.

0 Likes
Reply
RRELS15

‎Nov 04 2022 08:45 AM

‎Nov 04 2022 08:45 AM

Re: Secure Score and preset security policies

@TomDufour
@ADM_TOR
Just wanted to let you guys know that the Secure Score issue was fixed, at least for me - please check your tenants as well. I'm at 85%, and recommendations are valid.
0 Likes
Reply
ADM_TOR

‎Nov 04 2022 09:55 AM

‎Nov 04 2022 09:55 AM

Re: Secure Score and preset security policies

@RRELS15 

Thanks for the notification. The secure score issue has recently been fixed in my tenant too. 

0 Likes
Reply