Security defaults replacing baseline protection policies in Azure AD

Security Defaults is the generally available version of Azure Active Directory Baseline Protection policies and is available today to all tenants. Microsoft says will be gradually replacing Baseline Protection policies with Security Defaults starting February 29th, 2020.

For the (Azure users in Zambia) who have adopted the Azure and Office 365 technology Security is very key in that environment. Especially that there are so many and overwhelming options in the Azure Active Directory Configuration. Additionally, this is a new technology but its also been moving at a very fast pace.

Fundamentally the need for Exchange System Admins to up the knowledge to the cloud and Azure is required.

What is in the Security Defaults?

Out of the box, Security Defaults arrives with these configurations

• Require all users and admins to register for Multi-Factor Authentication (MFA)
• Challenge users whenever Microsoft Azure systems indicate it’s necessary – mostly when users show up on a new device or app, but more often for critical roles and tasks
• Prevent users from using legacy authentication clients, which can’t do multi-factor authentication. Security Defaults will soon block authentication requests made from Exchange Active Sync basic authentication.

How To Enable Security Defaults

Security Defaults has administrative controls to enable and disable. This feature is normally off by default but you might have it on by default if your tenant was created on or after October 22^nd, 2019.

Security Defaults can be enabled/disabled by going to Azure Portal -> Properties -> Manage Security Defaults. To learn more about Security Defaults review: What are security defaults?

Security Defaults prevents users from using legacy authentication clients, which can’t do multi-factor authentication. These are normally authentication requests that are made using IMAP, SMTP, and POP3.

According to Microsoft changes updates “In the coming month, Security Defaults will begin to block Exchange Active Sync basic authentication as well. Before enabling Security Defaults, be sure to go through the legacy authentication guide to understand how to prepare for this block and move over to modern authentication.”

More Posts That May Interest You:

Azure ADConnect Architecture integrate on-premises AD Domains with Azure AD PowerShell commands to manage Business Central What is AAD – Azure Active Directory and how does it benefit the business industry Africa’s Internet Exchange Points Apple two-factor authentication finally available for Zambia 2019 GoldBrute Distribution In Zambia Installing Microsoft Azure Active Directory Module for Windows Powershell What is Azure Active Directory List Of Microsoft Apps for Mobile Devices Windows Update If You Installed Update MS14-045 Remove It Immediately Top Tips – User Activity Reporting in AAD Portal Microsoft Basic Authentication Retirement Safeguard Network Infrastructure Devices and Security Windows cannot be installed to this disk What is the real difference between Office 365 and Microsoft 365? SQL Server on-premises or in the cloud Are IT Managers in Zambia ready for work from home A-Z of Cryptocurrency 101 Glossary Microsoft the Musical the catchiest tech musical you will ever hear Windows 11 system requirement and technical details