Microsoft Azure Active Directory Security Defaults

Background

In May 2022, Microsoft announced that it will be automatically enforcing more secure default settings, known as "security defaults" on all existing Microsoft 365 (Azure AD) tenants. Although clients who came on board with the Microsoft portal after October 2019 are already protected, Microsoft is running a campaign to move all users to multi factor authentication (MFA) when logging into the portal. They are currently sending notifications via email to all administrators.

Why is this being done?

Microsoft is being proactive in ensuring your data is secure, in light of increased hacking and scamming. Authentication is also the first step in compliance for Cyber Security (see our blog on this here) and can be done easily by the user themselves.

What exactly is the Azure Active Directory (Azure AD)?

Azure AD is Microsoft's cloud-based identity and access management service. 

What do users have to do?

If not already protected by multi factor authentication, it is recommended that this is enabled. You may receive a message from Microsoft (which were starting to be sent 22nd March 2023) to remind you to enable your security defaults. It is highly recommended that you action this as soon as possible. 

Further, if you don’t take action, security defaults will automatically be enabled after 14 days.

What is Loyal I.T. Solutions doing regarding this?

Loyal I.T. Solutions has started securing their administrator passwords to all their active clients, to ensure that access from our end is secure as well. Where possible, we are also enabling security defaults for clients, on their behalf.

If you have any issues or questions about the authentication process or wish to discuss Loyal I.T. Solutions actioning multiple security defaults for your company, call us on 02 4337 0700 or email reception@loyalit.com.au