Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

SecureScore Intune Configuration Recommendations without devices

Copper Contributor

I am trying to maximize our SecureScore for our tenant.

 

We are a Windows/iOS/Android only tenant. No macOS devices at all.

 

SecureScore has a policy "Ensure that mobile devices require complex passwords (Simple Passwords = Blocked)" that says "Note: This recommendation is relevnat only for MacOS." (the misspelling is on the page too).

 

Since we still can get points for this, I made a policy following the instructions perfectly:

 

Prerequisites
You have Microsoft Defender for Cloud Apps.
Next steps
To set mobile device management profiles, use the Microsoft Intune admin center: 

Select Devices, then under Policy select Configuration profiles 
If there are no policies, select Create Policy.
Set a Name for the policy, choose MacOS in the Platform and under Profile type select Device restrictions.
Click on the new policy name.
Under Configuration settings click Edit.
In the Password section, ensure that Simple Passwords is set to Blocked. 
If there are existing policies, per each MacOS policy -
Click on the policy name.
Under Configuration settings click Edit.
In the Password section, ensure that Simple Passwords is set to Blocked. 
Note: this setting is only for MacOS policies.

 

However, it has been over a week and we have no points.

 

I opened a ticket with MS #2312010040005555. They've sent me here for community feedback on this.

 

The current belief with support and me is quite simply: "Our understanding is that you will not get SecureScore points if you don't have a MacOS device for this particular configuration".

 

Can I get any validation on this from the community?

0 Replies