We’re updating Microsoft Secure Score improvement actions to ensure a more accurate representation of your organization’s security posture.
This update will include these new recommendations as Microsoft Secure Score improvement actions:
- Impersonation settings in anti-phishing policies in Microsoft Defender for Office 365
- Set the phishing email level threshold at 2 or higher
- Enable impersonated user protection
- Enable impersonated domain protection
- Ensure that mailbox intelligence is enabled
- Ensure that intelligence for impersonation protection is enabled
- Quarantine messages that are detected from impersonated users
- Quarantine messages that are detected from impersonated domains
- Move messages that are detected as impersonated users by mailbox intelligence
- Enable the ‘show first contact safety tip’ option
- Enable the user impersonation safety tip
- Enable the domain impersonation safety tip
- Enable the user impersonation unusual characters safety tip
- SharePoint Online:
- Sign out inactive users in SharePoint Online
We will continue to add suggested security improvement actions on an ongoing basis.
When this will happen
This roll out will start in mid-September and be completed by the end of September.
How this will affect your organization
The improvement actions listed above will be added to Microsoft Secure Score. Your score will be updated accordingly.
What you need to do to prepare
There’s no action needed to prepare for this change, your score will be updated accordingly. Microsoft recommends reviewing the improvement actions listed in Microsoft Secure Score.
Message ID: MC429465
Published: 12 September 2022
Updated: 12 September 2022
Platform: Online, World tenant