Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Secure Score not Scoring....

Brass Contributor

I struggle with this thing. Idea seems great in principle but I cannot see how secure score understands anything going on in a tenancy. We have enabled MFA conditional access for our GA's a year ago. Secure score says we haven't ?  Secure score says we need to enable audit data recording. We have and often use the auditing capability in Security & Compliance so why isn't Secure Score picking this telemetry up? Our score should be almost 100 points higher than it is if it were accuratley getting data.

1 Reply
best response confirmed by Kevin Spreadbury (Brass Contributor)
Solution

Hi Kevin,

 

Sorry for the confusion and issues you are having.  Let me explain why you are not getting the points you expect. 

 

For MFA, we don't have the telemetry for conditional access wired in so this is why you are not getting the points.  If you enabled MFA without conditional access you would get the points.  We have seen other organizations with the same issue and this is on our list of items to work on in the future.

 

For enable audit data recording, this control should have the text "[Not Scored]" in front of it.  This means we don't have the telemetry wired up for it and we are not providing the points.  Note that these points are not part of your denominator though.  If you have enabled this, then you will automatically get the points when we wire the telemetry in. 

1 best response

Accepted Solutions
best response confirmed by Kevin Spreadbury (Brass Contributor)
Solution

Hi Kevin,

 

Sorry for the confusion and issues you are having.  Let me explain why you are not getting the points you expect. 

 

For MFA, we don't have the telemetry for conditional access wired in so this is why you are not getting the points.  If you enabled MFA without conditional access you would get the points.  We have seen other organizations with the same issue and this is on our list of items to work on in the future.

 

For enable audit data recording, this control should have the text "[Not Scored]" in front of it.  This means we don't have the telemetry wired up for it and we are not providing the points.  Note that these points are not part of your denominator though.  If you have enabled this, then you will automatically get the points when we wire the telemetry in. 

View solution in original post