Microsoft Secure Score is adding new improvement actions

We’re updating Microsoft Secure Score improvement actions to ensure a more accurate representation of your organization’s security posture.

This update will include these new recommendations as Microsoft Secure Score improvement actions:

• Impersonation settings in anti-phishing policies in Microsoft Defender for Office 365
  • Set the phishing email level threshold at 2 or higher
  • Enable impersonated user protection
  • Enable impersonated domain protection
  • Ensure that mailbox intelligence is enabled
  • Ensure that intelligence for impersonation protection is enabled
  • Quarantine messages that are detected from impersonated users
  • Quarantine messages that are detected from impersonated domains
  • Move messages that are detected as impersonated users by mailbox intelligence
  • Enable the ‘show first contact safety tip’ option
  • Enable the user impersonation safety tip
  • Enable the domain impersonation safety tip
  • Enable the user impersonation unusual characters safety tip
• SharePoint Online:
  • Sign out inactive users in SharePoint Online

We will continue to add suggested security improvement actions on an ongoing basis.

When this will happen:

This roll out will start in mid-September and be completed by the end of September.

How this will affect your organization:

The improvement actions listed above will be added to Microsoft Secure Score. Your score will be updated accordingly.

What you need to do to prepare:

There’s no action needed to prepare for this change, your score will be updated accordingly. Microsoft recommends reviewing the improvement actions listed in Microsoft Secure Score.