Over the course of COVID-19, we are seeing many people and organisations increasing their use of technology particularly for remote working and collaboration. Over the coming articles, we will be share important considerations when securing your ICT environment by enabling the various functionality in order to remain secure and protected.
In this next part of this series, along the same lines of multi-factor authentication (MFA) is to configure Azure Active Directory security defaults. Security defaults is a set of basic security mechanisms which Microsoft recommend. Once enabled these are automatically enforced in your organisation and helps to protect users and Administrators from common identity-related attacks.
The security defaults include blocking legacy authentication (often used in older apps and protocols such as POP, IMAP and SMTP), which these days are an unsecure means for accessing your information in Microsoft 365. It also requires all users to register for Azure multi-factor authentication.
Security defaults can be enabled from within the Azure Active Directory Admin Centre. Some caution needs to be applied when conducting these changes. In particular, as some devices and apps still use SMTP (including some printers), and some accounts requiring MFA could be locked out if not performed within the 14 day time period. However with good planning this should definitely be added to the “must do” list. Security Defaults is becoming part of the standard configuration for Microsoft 365 in the future, however at stage would likely need to be turned on in your tenant. If you are using Microsoft 365 Business Premium, or an Enterprise version then you will have access to Conditional Access.
CyberGuru can assist with implementing security defaults and other security measures in your organisation. In addition, we provide consulting, support and training in the use of these as well as best practices to ensure you and your organisation can full advantage of technology.
If you have any questions, please feel free to contact us.