M365 Admin: Don’t miss this setting January

$0.00

In this short 22 minute webinar we covered security defaults, why you probably don’t want to use them and why that’s OK, break-glass admin accounts, creating your own security defaults and an allowed locations conditional access policy. It was a lot for that short amount of time.

Our very first session was attended by 99 individuals and they asked 88 questions! I’m very thankful for all of the attendance and kudo’s that you’ve sent. I thought it might take a while to build up an audience but apparently this topic is one that has great appeal. Good to know! The plan is to keep this up every month and very soon I will have calendar items for you to add to your schedule. Make sure that you are on our mailing list! Join is from the website. Join our Facebook page, Third Tier. Join our Facebook group, Ransomware and Security. Follow us on Twitter, @thirdtier, I’m trying to remember to also post there. And don’t forget that all we do is help IT Pros, so when you get stuck on something we have an expert to help you out. Just open a ticket at https://helpdesk.thirdtier.net 

During the session I mentioned that I had some URL resources for you. Here they are:

All about security defaults

Why Security Defaults were createdhttps://techcommunity.microsoft.com/t5/azure-active-directory-identity/introducing-security-defaults/ba-p/1061414

What are the security defaultshttps://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults

During this webinar I suggest that you should create your own set of security defaults that mimic Microsoft’s but that have an exception for your break-glass accounts. Having at least one emergency account is critical. The next article has a lot of information. Just worry about creating the account for now. Remember Microsoft approaches everything as if you’re the largest of the large companies of the world and this article reflects that. Go through the creating the account portion and then be sure to exclude it from your MFA for admins policy. That’s all you really need from the article below.

Create an emergency break-glass admin account

Emergency tenant accesshttps://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-emergency-access

Create your own security defaults

How to create a policy to block legacy authenticationhttps://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-block-legacy-authentication

Require MFA for adminshttps://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-admin-mfa

Require MFA for Azure mgthttps://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-azure-management

Require MFA for users. https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa

Configure MFA registration policyhttps://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy

 

Category:

Description

In this short 22 minute webinar we covered security defaults, why you probably don’t want to use them and why that’s OK, break-glass admin accounts, creating your own security defaults and an allowed locations conditional access policy. It was a lot for that short amount of time.

Our very first session was attended by 99 individuals and they asked 88 questions! I’m very thankful for all of the attendance and kudo’s that you’ve sent. I thought it might take a while to build up an audience but apparently this topic is one that has great appeal. Good to know! The plan is to keep this up every month and very soon I will have calendar items for you to add to your schedule. Make sure that you are on our mailing list! Join is from the website. Join our Facebook page, Third Tier. Join our Facebook group, Ransomware and Security. Follow us on Twitter, @thirdtier, I’m trying to remember to also post there. And don’t forget that all we do is help IT Pros, so when you get stuck on something we have an expert to help you out. Just open a ticket at https://helpdesk.thirdtier.net