cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Secure score not reflecting MFA

gerdus13
Copper Contributor

‎Apr 20 2021 07:14 AM - last edited on ‎May 24 2021 03:05 PM by

‎Apr 20 2021 07:14 AM - last edited on ‎May 24 2021 03:05 PM by

Secure score not reflecting MFA

We had a few users with MFA already enabled, some others without. We could see who had MFA enabled from the Secure Score recommendations. I started to implement per-user MFA (started with a conditional access policy for some users, but later went over to per-user) for those without so that we could improve our security score. I saw some improvements in the score (3 or 4 days ago now) but since yesterday the score has been significantly lower.

 

Now, under 

"MFA should be enabled on accounts with owner permissions on your subscription" and

"MFA should be enabled on accounts with write permissions on your subscription"

it shows that none of the users have MFA enabled, even when this is not the case.

 

I verified that MFA was enabled (and enforced in many cases) for those users, but this was not reflected in the Secure Score. (I know you don't get points for partially fulfilling criteria, I am talking about it not seeing ANY users with MFA enabled. I've waited a few days for the score to update, but saw no changes.

Can someone help me in this regard? We use the secure score as an important performance metric and this really has a large impact on it.

1,595 Views
0 Likes
3 Replies
Reply
3 Replies
gerdus13

‎Apr 23 2021 12:15 AM

‎Apr 23 2021 12:15 AM

Re: Secure score not reflecting MFA

@gerdus13 Can anyone provide me with an update for this?

0 Likes
Reply
SecOpsMike

‎Apr 23 2021 10:16 AM

‎Apr 23 2021 10:16 AM

Re: Secure score not reflecting MFA

Hi,

I work in Security and Compliance at Microsoft. Did you enable your CA policies through an Improvement Action through Secure Score? If so, it seems like a sync issue with the Secure Score service. Talk soon!
0 Likes
Reply
gerdus13

‎Apr 25 2021 11:08 PM

‎Apr 25 2021 11:08 PM

Re: Secure score not reflecting MFA

Hi @SecOpsMike, thanks for helping out.
We started off using our own CA policy, but then had to use the per-user MFA portal for some guest accounts. Do you maybe know how we can solve the sync issue with the Secure Score service if that is the problem?

0 Likes
Reply