Forum Discussion
Solved
Secure Score not Scoring....
Hi there,
I've been using Secure Score for a few months now to test the security baseline and see how customers can get the most out of it. However every Tuesday I do the weekly reports which ...
- PM Sent...
I am having the same issues, MS security scorecard not updating after 72 hours. Please can you help.
- Anthony Smith (A.J.)
Microsoft
Hi James and Juan,
I have alerted the development team that the score has not updated recently. For the reports issue please make sure that you are accessing the report from Secure Score by pressing the "review" button. If you are not using the Secure Score user interface and going directly to the report, no points will be provided as the underlying report does not have any telemetry on if you viewed it.
If you are using the review button, please use the feedback link in the bottom right of any Secure Score page to tell us. This way we can get your tenant information which helps us in our investigation.
Hi Anthony,
it has been a long time now since this threat started. I have seen changes happening where a score was given and then suddenly weeks/months later it was removed, without changes, no real hint on what caused the loss of the score.
In one of my tenants I see for example "Turn on audit data recording [Not Scored]" with 15/15 points, but some other items with [Not Scored], that were completed, are really not scored, getting 0 points. This is confusing.
I am responsible for multiple Office 365 tenants (over 30) and I can see changes and differences from one to the other with respect to Secure Score.
Will this Secure Score system be "fixed" in the near future? I would really like to be able to rely on the score. And, if changes are applied by Microsoft that break a previously good working security configuration, then it would be very helpful to receive/see details about it, so that it can be put back in place quickly. It would be very helpful to be able to apply a security configuration, really get the score and then be able to rely on it.
Chris HallumHi geekworld, recently there was at least one improvement action where the data we needed for scoring was no longer going to be accessible and thus we were forced to switch the item to Not Scored. The story behind this is long and complex but we hope to bring it back to a "Scored" state in the future. We apologize for the inconvenience and will work to try an ensure this type of issue doesn't reoccur in the future.
Regarding the the following comment I want to make sure I'm interpreting it correctly and not making any incorrect assumptions:
"In one of my tenants I see for example "Turn on audit data recording [Not Scored]" with 15/15 points, but some other items with [Not Scored], that were completed, are really not scored, getting 0 points."
For "Turn on audit data recording [Not Scored]" with 15/15 point" it sound like you're saying the item is now automatically getting scoring data and that we need to remove the "[Not Scored]" text from the title. Correct?
For "some other items with [Not Scored], that were completed, are really not scored, getting 0 points." it sounds like you are saying you used the Resolved through third-party" option and you didn't get the points added to your score. Correct?
Thanks,
Chris Hallum
- Having the same issue, have also hit the review button. Using a GA account to perform all tasks but does nothing for the score.
Same here. Same as all the rest. Score doesn't seem to change after doing as suggested.
I am a little confused about the "Enforce MFA for All Users" option. I had assumed that if each user opted to set up MFA on their own, this would show as enabled? It didn't.
I think it is the way I read the word "enforced". I was afraid that some people might not understand the necessity for it. I opted to tell them all to use the link provided. If everyone is now using MFA then it shouldn't be a problem for me to "Enforce" their use?
I don't want to surprise everyone with a "new request" for input of additional phone numbers.
