While Microsoft Secure Score recommendations are useful for hardening overall security posture, they’re not always actionable due to licensing constraints.
Based on your experience here, it sounds like some of the recommendations aren’t actionable, due to the available licensing in the tenant.
Even if you’re unable to use Conditional Access Policies because the tenant doesn’t have an Entra ID Premium P1 or P2 license (as community member @des.quinn pointed out), you should still secure all administrative accounts with MFA through either Security Defaults (recommended) or Per User MFA.
It sounds like the tenant also doesn’t have a Defender for Endpoint license. While Defender for Endpoint is a powerful tool for hardening your security posture, you won’t be able to action these recommendations without a license.
If this is your tenant, evaluate whether Entra ID Premium/Business Premium and Defender for Endpoint is the right solution for your organization. If this tenant belongs to one of your customers, this is a great opportunity to talk to them about their security concerns and goals and align their Microsoft licensing accordingly.
@Soulitek While I can’t necessarily confirm with any certainty that SentinalONE is the right XDR/Endpoint solution for your customer. It’s a popular choice in this space.
Today, Microsoft doesn’t automatically recognize 3rd party solutions as satisfying their Secure Score Recommendations. However, you can manually flag recommendations as having been met by a 3rd party solution.
The report can customise a colour, which is great for MSP branding, but the front page is light, so picking a colour from our palette would need to be dark. The issue is the other pages with pictures are dark, so a lighter colour palette needs to be used.
Could there potentially have multiple colour choices in future updates please?
(also had to manually approve the app, and could do with a non-GA version for client prospecting)
The report has some useful info but the PDF report is Lacking and needs changes.
When changing colors it constantly tries to update causing the browser to hang for significant time.
We need a place to put our logo to customize it for our customers assuming this is to go to customers.
The customers do not need the Syncro advertisement page for XMM at the end.
There are many useful data points that are missing between the report results and the PDF document. For instance, it gives you the secure score with your industry average in the results where you stand to the industry average does not show in the PDF.
The unused licenses needs to Filter out free licenses. the report for one of my customers shows over a million unused licenses and that is incorrect. It also has problems with licenses showing them unused when they are not assignable type licenses like additional Sharepoint storage and virtual machines.
Unlicensed users needs additional detail to show inactive unlicensed users the because most of us Convert users to shared mailboxes when they are offboarded and those show as a calculation of inactive users.
I’ve added your suggestions to our hit list of features and fixes to snapshot. Adding logos and making the Syncro page optional are already priority updates to snapshot.
Thank you for taking the time to let us know how we can make Snapshot even better!
