Merge pull request #253337 from shlipsey3/recommendations-092923

recommendations-092923

Author: JamesJBarnett

.openpublishing.redirection.active-directory.json

@@ -5460,6 +5460,11 @@
       "redirect_url": "/azure/active-directory/fundamentals/concept-fundamentals-security-defaults",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/active-directory/fundamentals/identity-secure-score.md",
+      "redirect_url": "/azure/active-directory/reports-monitoring/concept-identity-secure-score",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/active-directory/reports-monitoring/reference-azure-ad-sla-performance.md",
       "redirect_url": "/azure/active-directory/reports-monitoring/reference-sla-performance",

articles/active-directory/fundamentals/media/identity-secure-score/identity-secure-score-overview.png

@@ -1,62 +1,72 @@
 ---
-title: What is identity secure score?
-description: Learn how to use the identity secure score to improve the security posture of your directory.
+title: What is the identity secure score?
+description: Learn how to use the identity secure score to improve the security posture of your Microsoft Entra tenant.
 
 services: active-directory
 ms.service: active-directory
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 09/12/2023
+ms.date: 10/03/2023
 
-ms.author: joflore
-author: MicrosoftGuyJFlo
+ms.author: sarahlipsey
+author: shlipsey3
 manager: amycolannino
 ms.reviewer: guptashi
+
+# Customer intent: As an IT admin, I want to know how to use the identity secure score and related recommendations to improve the security posture of my Microsoft Entra tenant.
+
 ---
 # What is identity secure score?
 
 The identity secure score is shown as a percentage that functions as an indicator for how aligned you are with Microsoft's recommendations for security. Each improvement action in identity secure score is tailored to your configuration.  
 
-![Secure score](./media/identity-secure-score/identity-secure-score-overview.png)
+![Secure score](./media/concept-identity-secure-score/recommendations-identity-secure-score.png)
 
 This score helps to:
 
 - Objectively measure your identity security posture
 - Plan identity security improvements
 - Review the success of your improvements
 
-You can access the score and related information on the identity secure score dashboard. On this dashboard, you find:
+You can access the score and view individual recommendations related to your score in Microsoft Entra recommendations. You can also view the score and the full identity secure score dashboard, which compares your score to other tenants in the same industry and of a similar size. The dashboard also shows how your score has changed over time.
 
-- Your identity secure score
-- A comparison graph showing how your Identity secure score compares to other tenants in the same industry and similar size
-- A trend graph showing how your Identity secure score has changed over time
-- A list of possible improvements
-
-By following the improvement actions, you can:
+By following the improvement actions in the Microsoft Entra recommendations, you can:
 
 - Improve your security posture and your score
 - Take advantage the features available to your organization as part of your identity investments
 
 ## How do I get my secure score?
 
-Identity secure score is available to free and paid customers. 
+Identity secure score is available to free and paid customers.
 
 1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Global Reader](../roles/permissions-reference.md#global-reader).
-1. Browse to **Protection** > **Identity Secure Score**.
+1. Browse to **Protection** > **Identity Secure Score** to view the dashboard.
+
+The score and related recommendations are also found at **Identity** > **Overview** > **Recommendations**.
 
 ## How does it work?
 
-Every 48 hours, we look at your security configuration and compare your settings with the recommended best practices. Based on the outcome of this evaluation, a new score is calculated for your directory. It’s possible that your security configuration isn’t fully aligned with the best practice guidance and the improvement actions are only partially met. In these scenarios, you're awarded a portion of the max score available for the control.
+Every 24 hours, we look at your security configuration and compare your settings with the recommended best practices. Based on the outcome of this evaluation, a new score is calculated for your directory. It’s possible that your security configuration isn’t fully aligned with the best practice guidance and the improvement actions are only partially met. In these scenarios, you're awarded a portion of the max score available for the control.
+
+### Working with improvement actions on the dashboard
 
 Each recommendation is measured based on your configuration. If you're using third-party products to enable a best practice recommendation, you can indicate this configuration in the settings of an improvement action. You may set recommendations to be ignored if they don't apply to your environment. An ignored recommendation doesn't contribute to the calculation of your score.
 
-![Ignore or mark action as covered by third party](./media/identity-secure-score/identity-secure-score-ignore-or-third-party-reccomendations.png)
+![Ignore or mark action as covered by third party](./media/concept-identity-secure-score/identity-secure-score-ignore-or-third-party-reccomendations.png)
 
 - **To address** - You recognize that the improvement action is necessary and plan to address it at some point in the future. This state also applies to actions that are detected as partially, but not fully completed.
-- **Planned** - There are concrete plans in place to complete the improvement action.
 - **Risk accepted** - Security should always be balanced with usability, and not every recommendation works for everyone. When that is the case, you can choose to accept the risk, or the remaining risk, and not enact the improvement action. You aren't awarded any points, and the action isn't visible in the list of improvement actions. You can view this action in history or undo it at any time.
+- **Planned** - There are concrete plans in place to complete the improvement action.
 - **Resolved through third party** and **Resolved through alternate mitigation** - The improvement action has already been addressed by a third-party application or software, or an internal tool. You're awarded the points the action is worth, so your score better reflects your overall security posture. If a third party or internal tool no longer covers the control, you can choose another status. Keep in mind, Microsoft has no visibility into the completeness of implementation if the improvement action is marked as either of these statuses.
 
+### Working with secure score recommendations
+
+Identity secure score improvement actions also appear in Microsoft Entra recommendations. They both appear in the same list, but the secure score recommendations show the score.
+
+![Screenshot of the recommendations list with the secure score recommendations highlighted.](./media/concept-identity-secure-score/secure-score-recommendations-list.png)
+
+To address a secure score recommendation, select it from the list to view the details and action plan. If you take the appropriate action, the status changes automatically the next time the service runs. You can also mark the recommendation as *dismissed* or *postponed*. For more information on working with recommendations, see [How to use recommendations](./howto-use-recommendations.md).
+
 ## How does it help me?
 
 The secure score helps you to:
@@ -67,6 +77,8 @@ The secure score helps you to:
 
 ## What you should know
 
+There are several things to consider when working with your identity secure score.
+
 ### Who can use the identity secure score?
 
 To access identity secure score, you must be assigned one of the following roles in Microsoft Entra ID.
@@ -101,7 +113,9 @@ Actions labeled as [Not Scored] are ones you can perform in your organization bu
 
 ### How often is my score updated?
 
-The score is calculated once per day (around 1:00 AM PST). If you make a change to a measured action, the score will automatically update the next day. It takes up to 48 hours for a change to be reflected in your score.
+The score is calculated once per day (around 1:00 AM PST). If you make a change to a measured action, the score will automatically update the next day. It may take up to 48 hours for a change to be reflected in your score.
+
+![Screenshot of the secure score with the last updated date and time highlighted.](./media/concept-identity-secure-score/secure-score-refresh-time.png)
 
 ### My score changed. How do I figure out why?
 
@@ -113,7 +127,7 @@ No, secure score doesn't express an absolute measure of how likely you're to get
 
 ### How should I interpret my score?
 
-Your score improves for configuring recommended security features or performing security-related tasks (like reading reports). Some actions are scored for partial completion, like enabling multi-factor authentication (MFA) for your users. Your secure score is directly representative of the Microsoft security services you use. Remember that security must be balanced with usability. All security controls have a user impact component. Controls with low user impact should have little to no effect on your users' day-to-day operations.
+Your score improves for configuring recommended security features or performing security-related tasks (like reading reports). Some actions are scored for partial completion, like enabling multifactor authentication (MFA) for your users. Your secure score is directly representative of the Microsoft security services you use. Remember that security must be balanced with usability. All security controls have a user impact component. Controls with low user impact should have little to no effect on your users' day-to-day operations.
 
 To see your score history, head over to the [Microsoft 365 Defender portal](https://security.microsoft.com/) and review your overall Microsoft secure score. You can review changes to your overall secure score be clicking on View History. Choose a specific date to see which controls were enabled for that day and what points you earned for each one.
 
@@ -127,8 +141,4 @@ The [Microsoft secure score](/office365/securitycompliance/microsoft-secure-scor
 - Infrastructure
 - Apps
 
-The identity secure score represents the identity part of the Microsoft secure score. This overlap means that your recommendations for the identity secure score and the identity score in Microsoft are the same.
-
-## Next steps
-
-[Find out more about Microsoft secure score](/office365/securitycompliance/microsoft-secure-score)
+The identity secure score represents the identity part of the Microsoft secure score. This overlap means that your recommendations for the identity secure score and the identity score in Microsoft are the same.

articles/active-directory/fundamentals/identity-secure-score.md renamed to articles/active-directory/reports-monitoring/concept-identity-secure-score.md

@@ -1,15 +1,14 @@
 ---
 title: What are Microsoft Entra recommendations?
-description: Provides a general overview of Microsoft Entra recommendations.
+description: Provides a general overview of Microsoft Entra recommendations so you can keep your tenant secure and healthy.
 services: active-directory
 author: shlipsey3
 manager: amycolannino
 ms.service: active-directory
 ms.topic: overview
-ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 09/21/2023
+ms.date: 10/03/2023
 ms.author: sarahlipsey
 ms.reviewer: hafowler  
 
@@ -19,30 +18,36 @@ ms.reviewer: hafowler
 
 # What are Microsoft Entra recommendations?
 
-Keeping track of all the settings and resources in your tenant can be overwhelming. The Microsoft Entra recommendations feature helps monitor the status of your tenant so you don't have to. The Microsoft Entra recommendations feature helps ensure your tenant is in a secure and healthy state while also helping you maximize the value of the features available in Microsoft Entra ID.
+Keeping track of all the settings and resources in your tenant can be overwhelming. The Microsoft Entra recommendations feature helps monitor the status of your tenant so you don't have to. These recommendations help ensure your tenant is in a secure and healthy state while also helping you maximize the value of the features available in Microsoft Entra ID.
 
-The Microsoft Entra recommendations feature provides you with personalized insights with actionable guidance to:
+Microsoft Entra recommendations now include *identity secure score* recommendations. These recommendations provide similar insights into the security of your tenant. Identity secure score recommendations include *secure score points*, which are calculated as an overall score based on several security factors. For more information, see [What is Identity Secure Score](concept-identity-secure-score.md). 
+
+All these Microsoft Entra recommendations provide you with personalized insights with actionable guidance to:
 
 - Help you identify opportunities to implement best practices for Microsoft Entra ID-related features.
 - Improve the state of your Microsoft Entra tenant.
 - Optimize the configurations for your scenarios.
 
-This article gives you an overview of how you can use Microsoft Entra recommendations. As an administrator, you should review your tenant's Microsoft Entra recommendations, and their associated resources periodically. 
-
-## What it is 
+This article gives you an overview of how you can use Microsoft Entra recommendations.
 
-The Microsoft Entra recommendations feature is the Microsoft Entra specific implementation of [Azure Advisor](../../advisor/advisor-overview.md), which is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. Azure Advisor analyzes your resource configuration and usage data to recommend solutions that can help you improve the cost effectiveness, performance, reliability, and security of your Azure resources.
+## How does it work?
 
-*Microsoft Entra recommendations* use similar data to support you with the roll-out and management of Microsoft's best practices for Microsoft Entra tenants to keep your tenant in a secure and healthy state. The Microsoft Entra recommendations feature provides a holistic view into your tenant's security, health, and usage. 
+On a daily basis, Microsoft Entra ID analyzes the configuration of your tenant. During this analysis, Microsoft Entra ID compares the configuration of your tenant with security best practices and recommendation data. If a recommendation is flagged as applicable to your tenant, the recommendation appears in the **Recommendations** section of the Microsoft Entra identity overview area. The recommendations are listed in order of priority so you can quickly determine where to focus first.
 
-## How it works
+![Screenshot of the Overview page of the tenant with the Recommendations option highlighted.](./media/overview-recommendations/recommendations-overview.png) 
 
-On a daily basis, Microsoft Entra ID analyzes the configuration of your tenant. During this analysis, Microsoft Entra ID compares the data of a recommendation with the actual configuration of your tenant. If a recommendation is flagged as applicable to your tenant, the recommendation appears in the **Recommendations** section of the Identity Overview area. The recommendations are listed in order of priority so you can quickly determine where to focus first.
+Your identity secure score, which appears at the top of the page, is a numerical representation of the health of your tenant. Recommendations that apply to the Identity Secure Score are given individual scores in the table at the bottom of the page. These scores are added up to generate your Identity Secure Score. For more information, see [What is identity secure score](concept-identity-secure-score.md).
 
-![Screenshot of the Overview page of the tenant with the Recommendations option highlighted.](./media/overview-recommendations/recommendations-overview.png) 
+![Screenshot of the identity secure score.](./media/overview-recommendations/identity-secure-score.png)
 
 Each recommendation contains a description, a summary of the value of addressing the recommendation, and a step-by-step action plan. If applicable, impacted resources associated with the recommendation are listed, so you can resolve each affected area. If a recommendation doesn't have any associated resources, the impacted resource type is *Tenant level*, so your step-by-step action plan impacts the entire tenant and not just a specific resource.
 
+## Are Microsoft Entra recommendations related to Azure Advisor?
+
+The Microsoft Entra recommendations feature is the Microsoft Entra specific implementation of [Azure Advisor](../../advisor/advisor-overview.md), which is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. Azure Advisor analyzes your resource configuration and usage data to recommend solutions that can help you improve the cost effectiveness, performance, reliability, and security of your Azure resources.
+
+Microsoft Entra recommendations use similar data to support you with the roll-out and management of Microsoft's best practices for Microsoft Entra tenants to keep your tenant in a secure and healthy state. The Microsoft Entra recommendations feature provides a holistic view into your tenant's security, health, and usage. 
+
 ## Recommendation availability and license requirements
 
 The recommendations listed in the following table are currently available in public preview or general availability. The license requirements for recommendations in public preview are subject to change. The table provides the impacted resources and links to available documentation.
@@ -60,8 +65,3 @@ The recommendations listed in the following table are currently available in pub
 | [Renew expiring service principal credentials](recommendation-renew-expiring-service-principal-credential.md) | Applications | [Microsoft Entra Workload ID Premium](https://www.microsoft.com/security/business/identity-access/microsoft-entra-workload-id) | Preview |
 
 Microsoft Entra-only displays the recommendations that apply to your tenant, so you may not see all supported recommendations listed.
-
-## Next steps
-
-* [Learn how to use Microsoft Entra recommendations](howto-use-recommendations.md)
-* [Explore the details of the "Turn off per-user MFA" recommendation](recommendation-turn-off-per-user-mfa.md)