Microsoft Enhances Identity Security with New Secure Score Recommendations

Microsoft has announced the general availability of 11 new Identity Secure Score recommendations within Microsoft Entra, aimed at improving organizational security posture and providing actionable insights.

These recommendations are part of Microsoft’s ongoing efforts to enhance transparency in adoption and align with best practices and industry standards.

The new features are designed to minimize risks, safeguard assets, and improve employee productivity by offering clear, actionable steps for addressing security vulnerabilities.

Among the key recommendations are requiring multifactor authentication (MFA) for administrative roles to mitigate risks associated with compromised high-permission accounts, ensuring all users can complete MFA to enhance device and data security, and enabling policies to block legacy authentication protocols like IMAP and POP3, which are often exploited in compromised sign-in attempts.
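A pre-rollout check for the legacy authentication recommendation, added here as an example and not taken from Microsoft or the original article: it summarizes exported sign-in records to show which accounts still sign in successfully over legacy protocols and which only show failed attempts. The field names (`clientAppUsed`, `userPrincipalName`, `status.errorCode`) follow Microsoft Graph sign-in records; the set of legacy values is an assumed, partial list, and the sample records are constructed.

```python
from collections import defaultdict

# Assumed, partial set of clientAppUsed values that indicate legacy authentication;
# extend it to match the values your tenant's sign-in logs actually contain.
LEGACY_CLIENT_APPS = {"imap4", "pop3", "authenticated smtp", "other clients"}

# Constructed sample records shaped like sign-in log entries (subset of fields).
SAMPLE_SIGNINS = [
    {"userPrincipalName": "alice@contoso.example", "clientAppUsed": "Browser",
     "status": {"errorCode": 0}},
    {"userPrincipalName": "scanner@contoso.example", "clientAppUsed": "IMAP4",
     "status": {"errorCode": 0}},
    {"userPrincipalName": "scanner@contoso.example", "clientAppUsed": "IMAP4",
     "status": {"errorCode": 0}},
    {"userPrincipalName": "bob@contoso.example", "clientAppUsed": "POP3",
     "status": {"errorCode": 50126}},
    {"userPrincipalName": "bob@contoso.example", "clientAppUsed": "pop3",
     "status": {"errorCode": 50126}},
    {"userPrincipalName": "carol@contoso.example", "clientAppUsed": None,
     "status": {"errorCode": 0}},
]


def legacy_auth_usage(signins):
    """Count legacy-protocol sign-ins per (user, protocol), split by outcome."""
    usage = defaultdict(lambda: {"success": 0, "failure": 0})
    for rec in signins:
        app = (rec.get("clientAppUsed") or "").strip().lower()
        if app not in LEGACY_CLIENT_APPS:
            continue  # modern clients and records without a client app are ignored
        user = (rec.get("userPrincipalName") or "unknown").lower()
        ok = (rec.get("status") or {}).get("errorCode") == 0
        usage[(user, app)]["success" if ok else "failure"] += 1
    return dict(usage)


def triage(usage):
    """Split users into those a block policy would break and those with failures only."""
    working = sorted({u for (u, _), c in usage.items() if c["success"]})
    failing = sorted({u for (u, _), c in usage.items() if not c["success"]} - set(working))
    return {"would_break": working, "failed_only": failing}


if __name__ == "__main__":
    report = triage(legacy_auth_usage(SAMPLE_SIGNINS))
    print("Migrate before blocking:", report["would_break"])
    print("Failed legacy attempts only:", report["failed_only"])
```

Accounts in `would_break` need to move to a modern client before the block policy is enforced; accounts in `failed_only` have no working legacy dependency and are worth reviewing as possible targets of credential guessing.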

Additionally, Microsoft advises against periodic password expiration, citing research that shows such practices lead to weaker passwords.

Instead, organizations are encouraged to adopt strong, long-lasting passwords.

Other recommendations include protecting users with user risk and sign-in risk policies through Conditional Access configurations, enabling password hash synchronization for hybrid identity setups, restricting user consent to verified applications to prevent malicious access, and implementing least-privileged administrative roles to reduce the risk of privilege escalation.

Microsoft also emphasizes the importance of having more than one Global Administrator for emergency access and enabling self-service password reset to reduce helpdesk dependency.

Secure Score Trend Chart and Detailed User Entities

To complement these recommendations, Microsoft Entra now includes a Secure Score Trend Chart that allows organizations to track their security progress over time.

This feature enables data-driven decision-making by providing historical secure score data accessible via the Tenant Secure Score API.

Additionally, a detailed list of user entities is now available, offering comprehensive insights into impacted user accounts.

Administrators can use this feature to validate risks and take targeted actions, with impacted resources accessible through the impacted resources API.

These updates reflect Microsoft’s commitment to delivering a holistic approach to digital security.

Organizations can access these recommendations by navigating to the Identity Secure Score section in the Microsoft Entra admin center or using the new Security Recommendations filter on the overview page.

Looking ahead, Microsoft plans to introduce Zero Trust recommendations and Microsoft Entra Suite guidance to further optimize security frameworks and product usage scenarios.
