Cannot turn off Strict Preset Security policy

Alex Findlay 21 Reputation points
2023-05-04T04:02:24.6966667+00:00

We had previously enabled the Strict Presen Security Policy, but it was interfering too much with core work so we have had to scale it back, however I cannot turn off or delete the strict preset security policies, I have turned it off at the top level and made it apply to nothing, however the policy still shows int eh Anti Phishing section.

User's image

User's image

I try removing and turning it off, but neither work

User's image

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,188 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
330 questions
0 comments
Accepted answer
  1. Akshay-MSFT 16,026 Reputation points Microsoft Employee
    2023-05-08T11:25:23.18+00:00

    @Anonymous

    Thank you for posting your query on Microsoft Q&A. From the above description, I could understand that you did enable strict protection and later disabled it, but it still shows enabled under Anti-phishing policies, but you want it to be disabled from everywhere.

    Please do correct me if this is not the case.

    I did try to reproduce the issue in my tenant by first enabling the policy :

    User's image

    • When I tried to turn it Off It did turned off from Anti-phishing section as well:

    User's image

    Get-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy" | Format-Table Name,State

    • Run the following command to turn off the Standard preset security policy if it's turned on:

    Disable-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy"

    • In organizations with Defender for Office 365, run the following command to determine whether the rules for the Standard preset policy are currently enabled or disabled:

    **Write-Output -InputObject ("rn"*3),"EOP rule - Strict preset security policy",("-"63);Get-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy" | Format-Table Name,State; Write-Output -InputObject rn,"Defender for Office 365 rule - Strict preset security policy",("-"63);Get-ATPProtectionPolicyRule -Identity "Strict Preset Security Policy" | Format-Table Name,State

    • Run the following command to turn off the Standard preset security policy if it's turned on:**
      Disable-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy"; Disable-ATPProtectionPolicyRule -Identity "Strict Preset Security Policy"**

    Please do let me know if you still face the issue.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest