Microsoft Unveils New Identity Secure Score Recommendations in General Availability

Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in Microsoft Entra, aimed at bolstering organizational security and providing actionable insights to mitigate risks.

The Identity Secure Score recommendations are designed to act as a trusted advisor, offering best practices rooted in industry standards to enhance security posture while improving employee productivity.

This latest release aligns with Microsoft’s commitment to transparency in adoption and advances the ongoing evolution of Microsoft Entra security recommendations.

These new recommendations emphasize critical security measures such as requiring multifactor authentication (MFA) for administrative roles, enabling sign-in and user risk policies, and adopting the principle of least privilege for role assignments.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Highlighted recommendations include preventing legacy authentication protocols, setting password policies to avoid expiration without reason, enabling password hash synchronization for hybrid environments, and restricting user application consent to verified publishers.

Other crucial recommendations include enabling self-service password reset, designating multiple Global Administrators for redundancy, and using Microsoft Entra ID risk policies to detect and address potential account compromises.

Trend Charts and User Entity Insights

Complementing these recommendations are two newly introduced features: the Secure Score Trend Chart and the Detailed List of User Entities.

The Secure Score Trend Chart enables organizations to track their security improvement over time, providing data-driven insights into how security measures impact overall protection.

These trends can also be accessed programmatically via the Tenant Secure Score API for broader integration.

The Detailed List of User Entities provides administrators with actionable insights into impacted users, making it easier to validate risks and initiate remediation steps.

Administrators can also retrieve impacted resource data using the impacted resources API.

Actionable Insights for Holistic Security

The new Identity Secure Score recommendations and features offer a comprehensive approach to mitigating threats.

Recommendations such as blocking legacy authentication known to be a common entry point for compromised sign-ins and protecting all users with MFA highlight Microsoft’s focus on proactive security measures.

Similarly, features like self-service password resets and least-privileged role assignments aim to enhance security without sacrificing ease of use or administrator efficiency.

Administrators can access these recommendations within the Microsoft Entra admin center by navigating to Identity > Overview > Recommendations and filtering by the “Identity Secure Score” category.

Alternatively, they can leverage the new Security Recommendations filter at the top of the overview page’s search bar to streamline recommendation discovery.

Microsoft has also hinted at the upcoming launch of Zero Trust recommendations to assist organizations in refining their Zero Trust security frameworks.

Additionally, Microsoft Entra Suite recommendations are on the horizon, designed to guide organizations in optimizing their usage of the Microsoft Entra Suite.

These future updates reflect Microsoft’s broader strategy to provide value-enhancing features and ensure seamless usability across its product portfolio.

With the general availability of these new Identity Secure Score recommendations, Microsoft reiterates its commitment to supporting organizations in addressing ever-evolving security challenges.

By integrating actionable insights, secure score trend tracking, and detailed user entity visibility, these enhancements are poised to empower IT administrators with the tools they need to safeguard their environments effectively.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar