MC816173: Microsoft Defender for Identity: New recommendations for Microsoft Secure Score

Announcement IDMC816173Published Date07-17-2024
ServiceMicrosoft365DefenderLast Updated07-17-2024
CategoryStay informedExpiration Date10-31-2024
Roadmap IDAction Required by Date
TagsAdmin impact, New feature


Summary
                Microsoft Defender for Identity will introduce new recommendations to Microsoft Secure Score, enhancing security posture accuracy. These recommendations include Azure SSO account configurations and actions for Microsoft Entra Connect accounts. Rollout starts mid-August 2024, completing by mid-September 2024, with no admin action required before the rollout.


More Information

Coming soon for Microsoft Defender XDR | Microsoft Defender for Identity: We̢۪re adding to Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture. We will update your score automatically.

When this will happen:

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out mid-August 2024 and expected to complete by mid-September 2024.

How this will affect your organization:

In the Defender for Identity portal, we will add these new Microsoft Defender for Identity recommendations as Microsoft Secure Score improvement actions:

  • Azure SSO account configuration: Password last set more than 90 days ago
  • Azure SSO account configuration: Resource Based Constrained Delegation configured
  • Remove unnecessary replication permissions for Microsoft Entra Connect accounts
  • Rotate password for Entra Connect connector users

These new identity recommendations are new security posture reports related to group policy objects and hybrid identities.

These new identity recommendations are new security posture reports related to hybrid identities and will be available by default only to customers who have installed an MDI sensor on Entra Connect server.

What you need to do to prepare:

We recommend reviewing the improvement actions listed in Microsoft Secure Score. We will continue to add suggested security improvement actions on an ongoing basis.

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your admins about this change and update any relevant documentation.

Previous Post Next Post