
Lock Down Your Microsoft 365: Your Essential Security Policies

How do you secure your Microsoft 365? Here are 13 essential security policies for Microsoft 365 security, including conditional access policies.

Chapters
00:00 Introduction
01:08 Turn Off Security Defaults
03:07 Conditional Access MFA
04:54 Conditional Access Approved Countries
09:25 Block Unapproved Device Types
10:57 Disable Persistent Browser Sessions
12:05 App Protection Policies
13:54 Block Legacy Authentication
15:16 Require MFA for Entra Join
16:16 Disable SMS MFA
18:27 Enable App Consent Workflow
20:29 Default SharePoint Sharing Settings
So who am I and what do I do?

I am an IT expert with over 20 years of industry experience across a multitude of different areas. I am the Founder & Managing Director of Integral IT. Our mission is to deliver IT services that bring real value to each and every one of our customers, no matter how big or small.

If you need IT support, we can help. We can help you wherever you are in the world; you just need an internet connection.


by Jonathan Edwards


23 thoughts on “Lock Down Your Microsoft 365: Your Essential Security Policies”

  • Great video, unfortunately Conditional Access is another paid subscription service on top of a Microsoft 365 Business Standard account. You need a Business Premium, another £7.80 per user a month.

  • What is the minimum licensing required to enable conditional access (365 Business Premium?)? And what if you have a mixed licensing environment? Do policies apply to basic users if set up?

  • Thanks, Jonathan – what a great overview! I cannot stress enough the importance of implementing these important controls in your tenant. Well done!

  • Firstly, love the videos. Thanks so much, learnt a bunch.

    Set this up as a lab. I had issues launching Outlook and any other app. I wasn’t sure how to configure the Intune app policy for mobile and desktop. I watched the other vid but it still just kept looping for login credentials.

  • Great vid. Speaking of global admin, how about a video talking about managing/removing local admin privileges on workstations?

  • If I have MFA enabled, I cannot set up our software to send emails. It is a housing software that emails our tenants.

  • I'd also recommend creating a Continuous Access Policy to require MFA if the network changes. This helps protect against session token theft.

  • Thanks!!! Great video!
    And what do I do with the scanner email and the MFA, without using a Gmail? (I have already seen your other video.)

  • Love and appreciate your videos. Regarding MFA, I'm super excited for Device-bound Passkeys in Microsoft Authenticator to come out of Public Preview. This will be a huge step to securing accounts post Evilginx.

  • Thank you Jonathan, this will help me secure the tenants of my customers.

  • Does the order matter with these policies? I kind of have a few basic general purpose CA policies and a few I want for special cases. Do I put the special cases first or last, or does the order not matter and I have to fiddle with exclusions for each policy to stop one of them stomping on the others where it shouldn't?

    Also, for licencing purposes, if I set up a 'break-glass' admin account, do I need to have a Business Premium licence attached to it or will one with no licenses be acceptable (providing that is literally its only purpose)? Any technical pros or cons for doing it this way?

  • Great Vid. Was wondering if you could do a video on Intune device licenses. There is practically no info out there on this. Specifically enrolling Win10/11 devices using Intune device licenses for shared workstations? What are the best ways to do this? What are the limitations? Lots of businesses use shared workstations for healthcare or factory workers that use the same workstations when on shift as others. We want them in Intune without paying per user license. Thanks!

  • Another great video! Too many organisations rely on Microsoft Baseline or defaults.

  • Thanks Jonathan, I like your straightforward communication style.

  • As always, very informative!
    Though I've some questions about 2FA.

    1. What will be the impact for users when disabling SMS from Entra when they've already enabled/are using SMS via the per-user MFA?

    2. Do you need to disable per-user MFA when 2FA is forced using a CA?

    3. You've excluded the Admin from any CA. How would you enforce 2FA for this one?

    Greetings from overseas, the Netherlands.

  • Jonathan, you are a godsend!
    Thank you so much for these great videos! 🙏🙏🙏
