Share via

Implementing Security Settings Post-Disabling Security Defaults

nakashima 20 Reputation points
2024-05-10T12:20:37.2966667+00:00

Hello Microsoft Community,

At our company, we are currently working on enhancing our security level by configuring Microsoft Intune and Entra ID. This includes the use of conditional access policies, necessitating the disabling of the Security Defaults.

After disabling the Security Defaults, we understand that the following settings are necessary to maintain a similar level of security as when it was enabled:

  • Enforcing Multi-Factor Authentication (MFA)
  • Risk-based conditions
  • Blocking legacy authentication protocols
  • Managing privileged access
  • Protecting access to Azure Resource Manager and similar
  • Preparing emergency access accounts

I am posting this question after translating from Japanese. If there are any expressions that are unclear, please let me know. I would appreciate any guidance on the specific steps and precautions needed to implement these settings. Also, please confirm if my understanding is correct.

Thank you!

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,456 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,782 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Pauline Mbabu 15 Reputation points Microsoft Employee
    2024-05-14T10:13:39.3666667+00:00

    Hello @nakashima,
    Kindly look at this cloud adoption framework documentation on the guidance and best practices that help you confidently adopt the cloud and achieve business outcomes.
    Also look at this doc - It lists some of the basic controls included with security defaults Providing a default level of security in Microsoft Entra ID - Microsoft Entra | Microsoft Learn.

    0 comments
  2. Navya 4,395 Reputation points Microsoft Vendor
    2024-05-20T11:10:54.5366667+00:00

    Hi @nakashima

    Thank you for posting this in Microsoft Q&A.

    Yes, you understand correctly when it comes to using conditional access controls to protect your tenant after disabling security defaults.

    Please refer to the documentation below, which include all of the conditions you stated in the request you made.

    Template categories

    Create a Conditional Access policy

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya.

    If the answer is helpful, please click "Accept Answer" and kindly "upvote" it.

    0 comments