Microsoft Secure Score is adding new improvement actions for Information Protection and anti-spam policies

We’re updating Microsoft Secure Score improvement actions to ensure a more accurate representation of your organization’s security posture.

This update will include these new recommendations as Microsoft Secure Score improvement actions:

  • Information Protection
    1. Extend M365 sensitivity labeling to assets in Azure Purview data map
    2. Ensure Auto-labeling data classification policies are setup and used
    3. Publish M365 sensitivity label data classification policies
    4. Create Data Loss Prevention (DLP) policies
  • Anti-spam – Inbound policy
    1. Set the email bulk complaint level (BCL) threshold to be 6 or lower
    2. Set action to take on spam detection
    3. Set action to take on high confidence spam detection
    4. Set action to take on phishing detection
    5. Set action to take on high confidence phishing detection
    6. Set action to take on bulk spam detection
    7. Retain spam in quarantine for 30 days
    8. Ensure spam safety tips are enabled
    9. Ensure that no sender domains are allowed for anti-spam policies. This new recommendation will replace “Ensure that there are no sender domains allowed for Anti-spam policies”. This improvement will now also ensure that no specific senders as well as sender domains are allowed for anti-spam policies.
  • Anti-spam – Outbound policy
    1. Set maximum number of external recipients that a user can email per hour
    2. Set maximum number of internal recipients that a user can send to within an hour
    3. Set a daily message limit
    4. Block users who reached the message limit
    5. Set Automatic email forwarding rules to be system controlled
  • Anti-spam – Connection filter
    1. Don’t add allowed IP addresses in the connection filter policy

When this will happen:

We will continue to add suggested security improvement actions on an ongoing basis.

This roll out will start in mid-August and be completed by the end of August.

How this will affect your organization:

The improvement actions listed above will be added to Microsoft Secure Score. Your score will be updated accordingly.

What you need to do to prepare:

There’s no action needed to prepare for this change, your score will be updated accordingly. Microsoft recommends reviewing the improvement actions listed in Microsoft Secure Score.  

Message ID: MC408438


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: