CloudServus - Microsoft Consulting Blog

Microsoft Security Defaults Updates | CloudServus | Microsoft Partner

Written by cloudservuscom | Mar 29, 2023 2:06:31 PM

3 years ago, we released information about Azure and Microsoft 365 Security to help Microsoft customers and the technology community learn about Microsoft Security Defaults.

As a top 1% Microsoft consulting company, we at CloudServus want to continue this conversation and discuss recent Microsoft Security Defaults updates.

Microsoft Security Defaults are pre-configured security settings enabled by default for all Microsoft 365 and Azure Active Directory (Azure AD) customers. These settings help protect organizations from common cyberattacks by enforcing stronger authentication methods and reducing the risk of compromised accounts.

Security features in Microsoft Security Defaults include multi-factor authentication, conditional access, passwordless authentication, and baseline protection policies.

 

Why are Microsoft Security Defaults important for my business?

 

The cybersecurity landscape is constantly evolving.

 Security is a top concern for businesses to protect sensitive customer and company data. Organizations require a robust security strategy to ensure business continuity and avoid disruptions to operations that can result in lost productivity and revenue.

Microsoft Security Defaults are essential for businesses because they provide increased security, are easy to set up, help with regulatory compliance, reduce the risk of credential theft, and protect against account compromise.

When organizations explore new cloud capabilities in Azure, like enabling teams to collaborate efficiently or creating their first applications in Azure, security isn’t always top of mind. As a result, enabling security settings is often overlooked until the organization suffers a security breach.

In 2021, around 1,108,609 complaints of identity theft were filed with the Federal Trade Commission (FTC) in the United States. Over 2,100 data breaches were publicly disclosed in 2022, resulting in exposure of approximately 22 billion records and impacting more than 422 million people.

Microsoft Security Defaults help organizations intuitively set up security protocols and efficiently manage their security by enabling security defaults in the Azure Portal.

Preconfigured security settings can protect organizations from identity-related attacks.

 

Important Microsoft Security Default Updates

 

So what’s the latest Microsoft Security Defaults news? In 2022, security defaults automatically were implemented for existing Microsoft 365 tenants who haven’t already applied MFA and haven’t enabled security defaults, Conditional Access policies, or per-user MFA settings.

Also, you can now manage security in the Microsoft 365 admin center and the Azure Portal.

We also took the opportunity to list some critical considerations for Microsoft Security Defaults:

  • Ensure security policies are enforced by requiring all users and administrators to register for Azure AD Multi-Factor Authentication.

  • Block legacy authentication (example: clients using Office 2010 or older mail protocols such as IMAP, SMTP, or POP3.

  • Use the Azure Resource Manager API to protect privileged activities.

  • Configure backup administrator accounts, also called emergency access accounts. 

  • Use Conditional Access to configure policies similar to security defaults. Please note that security defaults won’t be available to you if you’re using Conditional Access in your environment today.

Azure Budgets in Cost Management and Microsoft Security Defaults

 

Organizations can achieve a more comprehensive approach to cloud management and security by leveraging Azure Budgets and Microsoft Security Defaults. This can help them optimize their cloud resources while ensuring they have strong security controls to protect their data and systems.

By using Azure Budgets, organizations can ensure they do not overspend on cloud resources and reduce the risk of financial waste. Meanwhile, by enabling Microsoft Security Defaults, organizations can improve their overall security posture and reduce the risk of compromised accounts and data breaches.

At CloudServus we focus on security and continuous improvement. We provide our customers with the latest technology updates, cost-effective cloud solutions, and offer cloud security assessments that can help protect our customers from cyber threats.  If customers choose to procure their Microsoft licensing through out CSP program, CloudServus will proactively improve your security posture through Microsoft best practices and monitor budgets via alerts that can help detect unwanted provisioning of cloud resources by bad actors.

Be sure to contact us here at CloudServus so we can help you assess the state of your current Microsoft Security environment and ensure a robust and comprehensive security environment.