| title | Settings insight | |
|---|---|---|
| description | Settings insight provides peer benchmarking information during security baseline configuration, showing when organizations similar to yours use Microsoft's recommended default values. | |
| author | BrenDuns | |
| ms.author | brenduns | |
| ms.date | 02/10/2026 | |
| ms.topic | overview | |
| ms.reviewer | Lavanya.lakshman | |
| ms.collection |
|
Settings insight provides peer benchmarking information during security baseline configuration. When you configure specific security baselines in Intune, you might see light bulb icons next to certain settings. These icons indicate that organizations with similar characteristics to yours, like industry type and organization size, commonly use Microsoft's recommended default value for that setting.
This article explains what Settings insight shows, where it's available, and how the recommendations are determined.
Settings insight is currently available for the following Intune security baselines:
- Microsoft Edge Baseline
- Microsoft 365 Apps for Enterprise Security Baseline
Settings insight offers context about peer behavior, not prescriptive guidance. The feature:
- Shows when similar organizations commonly use Microsoft's recommended default value for a setting.
- Appears as light bulb icons next to settings during baseline configuration.
- Functions as positive reinforcement when peer behavior aligns with Microsoft's security recommendations.
- Doesn't suggest alternative values or configurations.
Settings insight is informational. You remain responsible for evaluating each setting against your organization's security requirements, compliance obligations, and operational needs.
-
Licensing/Subscriptions: You must have a Microsoft Intune Plan 1 license to use Settings insight. For more information, see Licenses available for Microsoft Intune.
-
Permissions: Endpoint Security Administrators can create a profile using Baselines.
To learn more about this Intune built-in role, see Role-based access control (RBAC) with Intune and Built-in role permissions for Intune.
-
Sign in to the Microsoft Intune admin center.
-
Select Endpoint security > Security baselines to view the list of available baselines.
-
Select Microsoft Edge Baseline or Microsoft 365 Apps for Enterprise Security Baseline, and then select Create profile.
-
On the Basics tab, specify the Name and Description properties.
-
Select Next to go to the Configuration settings tab.
-
Expand the groups of Settings to view individual configuration options. Light bulb icons appear next to settings where peer benchmarking data is available.
:::image type="content" source="./media/settings-insight/createprofile-settingsinsight.png" alt-text="Settings insight shown while creating a profile" lightbox="./media/settings-insight/createprofile-settingsinsight.png":::
-
Insights are also visible when editing existing baseline profiles.
:::image type="content" source="./media/settings-insight/editprofile-settingsinsight.png" alt-text="Settings insight shown while editing a profile" lightbox="./media/settings-insight/editprofile-settingsinsight.png":::
When you see a light bulb icon, it indicates that organizations similar to yours commonly keep Microsoft's recommended default value for that setting. Settings insight only appears when:
- Sufficient peer data is available from similar organizations.
- The peer behavior aligns with Microsoft's default recommendation for the baseline.
Settings insight doesn't appear for settings where:
- There isn't enough data from similar organizations to make a reliable comparison.
- Peer behavior doesn't align with Microsoft's recommended defaults.
- The setting is new or rarely configured.
The presence or absence of an insight doesn't indicate the importance of a setting. All settings in security baselines are recommended by Microsoft's security teams regardless of whether peer data is available.
As more organizations adopt settings and additional data becomes available, insights that aren't currently shown might appear in the future.
Settings insight uses machine learning to identify organizations similar to yours and compare their configuration choices.
Similar organizations are identified using a K-means clustering model based on attributes such as:
- Industry type
- Organization size
- Other relevant characteristics
Clustering algorithms and key attributes are selected to ensure organizations are grouped appropriately. The model determines the optimal number of clusters at runtime based on clustering performance.
For organizations within the same cluster:
- Healthy organizations are identified based on Endpoint analytics scores.
- Common setting values used by these organizations are analyzed.
- When most similar organizations use Microsoft's default value for a setting, an insight appears.
- Insights only appear when peer behavior aligns with Microsoft's baseline recommendations (positive reinforcement).
Settings insight is designed with privacy and security safeguards:
- Customer data isn't used in the model - Usage data is aggregated at the organization level only.
- Data is converted when possible - Usage data is converted to categorical formats when possible (for example, Boolean attributes for feature usage, ranges for deployment ratios rather than exact values).
- Aggregation thresholds - No recommendation appears if the number of similar organizations is below a minimum threshold.
- Minimum adoption requirements - Settings must be configured by a minimum number of organizations before insights appear.
- Privacy reviews - All data usage is reviewed and approved for privacy and security compliance.
- Secure storage - Data is stored with appropriate protection and retention management.
These safeguards protect the confidentiality of individual organizations and prevent inference about specific customers.
Model execution and performance are actively monitored to ensure quality and reliability:
- Live monitors track execution anomalies and key performance metrics
- Prompt investigation addresses any issues
- Regular maintenance ensures recommendation accuracy
Settings insight provides supplemental peer benchmarking information during baseline configuration. For comprehensive guidance on deploying and managing security baselines, see: