cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Safe Links policies for email messages

SeniorBraddah
Copper Contributor

‎Apr 21 2022 08:28 AM

‎Apr 21 2022 08:28 AM

Safe Links policies for email messages

I've been monitoring our secure score pretty hard lately and noticed "9 points regressed for Create Safe Links policies for email messages".   I went to our Safe Links policy and sure enough, the two recommended items were already configured.  I restarted the policy, and i'm waiting for the "real-time" secure score to update, but it is not. 

 

How do you guys go about resolving issues like this?

Labels:
3,213 Views
0 Likes
15 Replies
Reply
15 Replies
snickadmin

‎Apr 22 2022 06:51 AM

‎Apr 22 2022 06:51 AM

Re: Safe Links policies for email messages

@SeniorBraddah 

 

Same thing here. I'm trying to improve score and created the necessary policies which made me gain some points. Suddenly, one day, I regressed 9 points, next day gained 9 points again, only to lose them again the following day.  No changes were made to the organisation or policies. 

 

Safe Links Policy states that 100% of my users are affected by this policy. So they are all covered.

 

Anyone have a clue? 

0 Likes
Reply
Marius_S

‎Apr 23 2022 03:12 AM - edited ‎Apr 26 2022 12:32 AM

‎Apr 23 2022 03:12 AM - edited ‎Apr 26 2022 12:32 AM

Re: Safe Links policies for email messages

Same issue here. Regressed 9 points for the Safe Links suddenly on Apr. 20.
Double checked the policy (which of course was not even changed) and all seems according to recommendation.

0 Likes
Reply
baluntz

‎Apr 25 2022 05:42 AM

‎Apr 25 2022 05:42 AM

Re: Safe Links policies for email messages

Same exact issue here. Regressed 9 points for Safe Links on Apr. 20. No change was made to the policy at the time. Tried disabling and re-enabling the policy. Also verified that safe links is still re-writing our URLs. Points have not come back since.
0 Likes
Reply
Maxim_van_Luttikhuizen

‎Apr 25 2022 06:54 AM

‎Apr 25 2022 06:54 AM

Re: Safe Links policies for email messages

Same here. Today I created a new policy with the same settings and applied it to one user (Also excluded that user from the original policy). Hopefully that will be scored in which case I will assign all users to the new policy and delete the old one. If it doesn't work, I will at least see if the implementation status is updated (both policies should appear). If the status is updated but the scoring is not, I will change the status manually to "Resolved through alternate mitigation". Once every 3 months, I analyze all the items with status other then "Completed" to see if detection has improved or previously accepted risks are still acceptable.
0 Likes
Reply
Cristian_N

‎Apr 25 2022 01:44 PM

‎Apr 25 2022 01:44 PM

Re: Safe Links policies for email messages

Same issue here. Regressed almost 8 points for Safe Links on Apr. 20th.
0 Likes
Reply
T_Kujala

‎Apr 26 2022 12:21 AM

‎Apr 26 2022 12:21 AM

Re: Safe Links policies for email messages

Same here. Has anyone solved the problem?
0 Likes
Reply
Maxim_van_Luttikhuizen

‎Apr 26 2022 01:15 AM - edited ‎Apr 28 2022 01:47 AM

‎Apr 26 2022 01:15 AM - edited ‎Apr 28 2022 01:47 AM

Re: Safe Links policies for email messages

@SeniorBraddah The test I started yesterday (see my other comment) has been completed. I created a new policy with the correct settings and assigned it to a single user. Secure Score now mentions both policies with the correct number of users and states that both policies are configured less securely than recommended.

 

So it seems the detection is incorrect.

 

0 Likes
Reply
Marius_S

‎Apr 26 2022 01:21 AM

‎Apr 26 2022 01:21 AM

Re: Safe Links policies for email messages

"are not configured" or "are configured" less securely?
0 Likes
Reply
SeniorBraddah

‎Apr 26 2022 08:34 AM

‎Apr 26 2022 08:34 AM

Re: Safe Links policies for email messages

@Marius_S@Maxim_van_Luttikhuizen 

Thanks for your input in this thread. Our Safe links check looks like it corrected itself on the 24th and gained us 9 points, hooray! I am still having a few other checks not reporting correctly, but I have been checking the policy is in place, and marking the status as "resolved through alternate mitigation". 

Fair warning though, you can only mark the status for App and Identity actions.

 

Brandon

0 Likes
Reply
AndrewEI

‎Apr 27 2022 03:17 AM

‎Apr 27 2022 03:17 AM

Re: Safe Links policies for email messages

@SeniorBraddah 

Can confirm, this is happening to me too.
I have two fresh tenancies i'm building for clients.

Implementation status
100% of users are affected by policies that are configured less securely than is recommended

 

AndrewEI_0-1651054648463.png

 

0 Likes
Reply
Maxim_van_Luttikhuizen

‎Apr 28 2022 01:48 AM

‎Apr 28 2022 01:48 AM

Re: Safe Links policies for email messages

@Marius_S: Thanks, I fixed my post to clear the confusion.
0 Likes
Reply
Marius_S

‎Apr 28 2022 03:52 AM - edited ‎Apr 29 2022 05:21 AM

‎Apr 28 2022 03:52 AM - edited ‎Apr 29 2022 05:21 AM

Re: Safe Links policies for email messages

@SeniorBraddah marking as "resolved through alternate mitigation" means that even if you delete the Safe Links policy the points will still be granted. Not an ideal solution if you really want to track the score.

 

Hopefully Microsoft will fix this issue soon as it becomes annoying.

0 Likes
Reply
Cristian_N

‎Apr 29 2022 05:15 AM - edited ‎May 18 2022 05:38 PM

‎Apr 29 2022 05:15 AM - edited ‎May 18 2022 05:38 PM

Re: Safe Links policies for email messages

Finally, I got my points back!

0 Likes
Reply
Marius_S

‎May 01 2022 09:48 PM

‎May 01 2022 09:48 PM

Re: Safe Links policies for email messages

And finally on May 1st I've got my points back. Seems Microsoft has fixed the detection. I hope also for you all.
0 Likes
Reply
Maxim_van_Luttikhuizen

‎May 02 2022 12:26 AM

‎May 02 2022 12:26 AM

Re: Safe Links policies for email messages

Confirmed that detection has been fixed for my tenant at least.
0 Likes
Reply