Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Secure Score not recording settings

Copper Contributor

I have been using Secure Score to analyze my tenant security.  In the area of mobile devices, I have signed up and have been using Intune.  Secure Score does not seem to properly recognize my Intune installation and pull the settings correctly.  In particular the "Enable mobile device management services" and subsequent settings.  Is this broken or just broken for my tenant?

3 Replies

Hi Daryl,

The "Enable mobile device management services" and other MDM settings are looking at the use of the Office 365 built in MDM funcationality not Intune.  We are currently working on supporting Intune, but until then you can mark control(s) as covered by a 3rd party product to get the points.

That would work if the option to mark Third Party Product was available.  It's not.

 

In addition, I have tried to enable customer lockbox - that doesn't work.  

Also, when I review reports - it doesn't record that either.

Neither does Set Outbound spam notifications.

 

I'm questioning the accuracy of this system.  

 

It would be nice instead of having to record "reviewing reports", you could just have the reports sent to me.  

Hi Daryl,

When I look inside a test tenant that does not have the "Enable mobile device management services" enabled setup, I get the the 3rd party option.  Can you please check again to see if you already enabled the Office 365 MDM solution?  If you have not, please use the feedback button in the bottom right of the Secure Score user interface to send us the details of your tenant so we can look at the issue.

 

For the customer lockbox issue, can you confirm that you own the feature?  This is something that only customers who bought Office 365 E5 or the Advanced Compliance SKU will have.  If you do own it then please use the feedback button in the bottom right corner of the Secure Score UI and send us your tenant info so we can investigate.

 

For reports, you have to view them by going through Secure Score, going directly to the report will not record the points. 

 

For the outbound spam notifications, this control is tagged as "[Not Scored]" which means

the Secure Score team has not found the backend data source for the control in question and incorporated it into the score calculation. We are working on reducing the number of Not Scored objects, but we have had so much feedback on the product, we have prioritized other features (like the 3rd party and ignore buttons).

 

I like your idea on the sending the reports.  I will talk with the engineering team about it.  My concern though is that would people actually read them if they were emailed or would people consider them junk?