Secure Score Summary value wrong direction?

Deleted
Not applicable

We've come in today (UK) to find our Secure Score value has decreased from 108 to 42 even though we have made steps forward since the 108 was registered. Secure Score isn't validating things like MFA enablement for admins, nor recognising that we do in fact have global admins.

 

Is this just for our tenancy or is this a global issue?

 

 

12 Replies

there must be some telemetry reporting issue as the scores are going down in the last 3 days. We went from 470 to 230

I was once at 435 before plateauing at 399.  Just in the last 2 weeks, I have seen it drop down to 314 (today).  I wish that if the telemetry cannot be confirmed, then the points should not be deducted.  Obviously, there is some sort of error occurring that I would get dinged for not having more than one global administrator (we have 9... complicated reasons and also due to some apps needing global administrator in order to administer them), use non-global administrative roles (we have a whole bunch), enable data loss prevention policies (even the description says we have 9 enabled), user alternate contact info says we have 0 people who have not completed it, store documents in OneDrive for Business says we have it set to True (but someone stated that there was another reason why this was taken away, even though I personally store documents in there), etc.  

 

Secure Score is a great concept and I use it to remind me of the administrative tasks that I should take.  It is kind of fun to try and get the score to inch up.  But, if the checks are not reliably being made, then the secure score does not have much meaning.  Hopefully, they will be able to fix the issues soon.

I had a 100 point drop in 1 day.  Based on the discussion, it seems there should be some form of alerting or notices with with telemetry changes or risks.  I share the score with our C-Level executives.  But I may have to change due to the un-controlled variability.  

 

Can a Microsoft professional weight in?

That echoes my worry, we tout the scores as being a sign of how we are looking to be security conscious but then a telemetry goes offline etc and we look like we have broken stuff!

I agree, we were quite excited to find the feature and thought it would be of great use to help us ensure we were filling the holes. Now it has started failing to detect our changes it has taken the shine off somewhat.

My Score dropped on Nov 2nd when Microsoft added the Compliance Control Information to MS Secure Score.  Some of the items that I had implemented and are still active now have a score of 0.  

Checking back to see if anyone got a response from Microsoft?

That's a negative Norm. Nada from the big M

There seems to be some issue with the api. We have that problem too. Using the graph api, you can see with /security/secureScores that since 13-nov-2018 it's not returning data from many controls. Checking against /security/secureScoreControlProfiles, those controls are NOT deprecated so it suggest something on MS dailyprocesing is broken.

 

We've alse created a post in the graph api community (secure score api now technically belongs there) https://techcommunity.microsoft.com/t5/Using-Microsoft-Graph-Security/Secure-Score-Identity/m-p/2864...

Now it shows the correct values

My score went up overnight.  Still 40 points lower than earlier in the week.  

We are back to where we were before we made all the changes so at least that is a step forward. Still not registering our recent changes so maybe we will get them on the next update @ 9am PST. 🙂