Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Secure score not updating

Copper Contributor

After making a few changes and waiting 24 hours, the secure score was updated on the security  and compliance dashboard but not the secure score dashboard. I attached some photos of what I mean,

 

This is from the security and compliance dashboard 

secureity.PNG

 

And this is from the secure score dashboard

security2.PNG

I have tried multiple browsers and cleared cache, cookies, etc

17 Replies
Personally I've seen Secure Score take almost 48 hours to update on a few occasions, so you may need to wait a bit more. The fact that the two are not in sync seems a bit unusual though; I would suggest waiting a little longer, and then opening a support ticket through your Microsoft 365 portal if the issue persists. Seems like a backend issue.

Best of luck!
best response confirmed by Max Fritz (Iron Contributor)
Solution

Hi Daniel,

 

If this is not fixed yet, please use the feedback button in Secure Score (look in bottom right of the screen)and let us know.  Doing this gives us your tenant information so we can investigate this.

 

Thanks!

Here is what it looks like now, the last change was made July 3rd. It looks like it did eventually update but they are still out of sync.

 

Security and compliance dashboard

security1.PNG

 

Secure score dashboard

security2.PNG

Hi Daniel,

 

If you can file feedback via Secure Score that would be great.  I check my demo tenant this morning and I don't see this issue so it might be something localized to your tenant.

Hi @Anthony Smith (A.J.)

Secure score is not updating for below mentioned actions:

 

Require mobile devices to use alphanumeric password. fail Policy already in place
Review blocked devices report weekly to verify after 48 hours 01-04
Activate mobile device management services fail already activated
Require mobile devices to use encryption to verify after 48 hours 01-04
Require mobile devices to lock if inactive
Require mobile devices to manage email profile
Require mobile devices to have minimum password length
Require mobile devices to never expire passwords
Require mobile devices to use a password
Reduce mobile device password re-use
Require mobile devices to block access and report policy violations
Block jail broken or rooted mobile devices from connecting
Do not allow simple passwords on mobile devices
Require mobile devices to wipe on multiple sign-in failures
Activate Information Rights Management (IRM) services failed
Do not use mail forwarding rules to external domains
Review malware detections report weekly
Use non-global administrative roles
Set up Office 365 ATP Safe Attachments
Set up Office 365 ATP Safe Links to verify URLs
Enable self-service password reset updated on 02-04
Set up versioning on SharePoint online document libraries
Set outbound spam notifications

 

 

I have file a feedback using securescore portal. COuld you please assign someone to look into it?

@himanshusingh, let me add in @Chris Hallum who might be able to assist as he is now the Secure Score product manager.

@Chris Hallum,


Could you please assign someone to look into the issue I have reported.

Safe Attachments and Safe Links still not being scored for me.

@Chris Hallum,

Can anyone look into the issue?

 

Secure score is not updating for below mentioned actions:


Activate Information Rights Management (IRM) services
Do not use mail forwarding rules to external domains
Review malware detections report weekly
Use non-global administrative roles
Set up Office 365 ATP Safe Attachments
Set up Office 365 ATP Safe Links to verify URLs
Enable self-service password reset 
Set up versioning on SharePoint online document libraries
Set outbound spam notifications

 

 

I have filed a feedback using securescore portal. Could you please assign someone to look into it?

 

@himanshusingh 

 

I am having the same issues, and I also submitted feedback in the Secure Score portal.

 

Specifically, it does not appear to score:

 

Require MFA for all users (perhaps it doesn't like that I do it via Conditional Access policies)

Turn on mailbox auditing for all users

Set up Office 365 ATP Safe Attachments
Set up Office 365 ATP Safe Links to verify URLs

 

I'm sure there are more, but those are the most obvious ones.

 

I'm also stymied by the "not scored" text. For example, I turned on outbound spam notifications long ago. Secure Score gives me no points for it. If I click "Apply" on that item, it shows me the address that's already set to receive outbound spam notifications, and I click ok. It then says:

Set outbound spam notifications [Not Scored] Complete

Your score will increase by 15 points within 24 hours (Given that the control is scored.)

 

I... have no idea what this means. It is not scored. It is worth 15 points, and I will get those points if the control is scored. Huh?

@Chris Hallum 

 

Just looking to see if there is an update on this.  I am seeing the same issue in relation to:

 

Set up Office 365 ATP Safe Links to verify URLs
Set up Office 365 ATP Safe Attachment policies

 

not scoring and both policies have been in place for some months now.

 

thanks,

David

@Chris Hallum 

 

I am seeing the same issue in relation to a number of different policies, all of which are not scoring and yet remediation has been in place for over 6 months.  

 

Have to say... if the scoring process isn't accurate we basically can't trust it and it therefore becomes irrelevant.

 

Would be great to get an update on when this is likely to become a reliable metric.

 

Thanks

 

Mike

 

Exactly the same issue here - I have more than 10 (and counting them up as they are checked) recommendations relating to Cloud App Security which are all marked "Completed" in CAS but cannot be marked as completed in Security Centre (Complete radial button is greyed out and cannot be changed)

We have same problem. Many policies do not update automatically, specifically many items associated with Intune. 

 

If we set an item to "implemented" and "tested" manually, it initially becomes all the 27 points, but is reset back to "Could not be detected" after some time.

 

@Chris Hallum 

any news on this problem? how to get the automatic scanner working? (our setting is of course set to "Turn on for all improvement actions"). The tenant is ca. 2 years old now.

 

 

I am also having this issue. What's most annoying is that actions manually marked as 'implemented' are being undone by the automated scan.

An example of this is "Block jail broken and rooted mobile devices" - I can see the deployed device compliance policy that has this setting enabled, but the compliance manager seems to reject it and deduct the points back to 0/27.

I can't make progress on the secure score if I have to continuously address things I've already implemented. Is this being caused by something I am doing wrong, or is there a fix in the works to resolve this issue on Microsoft's side?

@TomAtkins I too have the same issue. I wonder if you were ever able to get this working? 

I opened a call using the chat option and got routed to basic support who did the best they could to help. 

It seams odd to me that years later this still seams to be an issue. There could be a recommendation on how to force this or re-audit. It is hard to know if I am making a mistake, something is broken, or there is a license issue that is preventing the updates. 


Really old thread but I think I'm having the same issue all of a sudden.
1 best response

Accepted Solutions
best response confirmed by Max Fritz (Iron Contributor)
Solution

Hi Daniel,

 

If this is not fixed yet, please use the feedback button in Secure Score (look in bottom right of the screen)and let us know.  Doing this gives us your tenant information so we can investigate this.

 

Thanks!

View solution in original post