Forum Discussion
John Gruber
Jan 20, 2023Brass Contributor
9 top recommended conditional access policies to secure your Microsoft 365 environment
1. Block login except from certain countries
2. Block unused device operating systems
3. Require compliant devices
4. Require Hybrid Azure AD joined device
5. Require an app protection policy
6. Block high-user risk
7. Block high sign-in risk
8. Require MFA
9. Block basic/legacy authentication
To learn how to set them up go to 9 Conditional Access Policies You'll Kick Yourself for Not Setting Up
- For 6 and 7 I would rather choose self-remediation of the high risk with password change and MFA 😉
- For 6 and 7 I would rather choose self-remediation of the high risk with password change and MFA 😉
- RonS_Copper Contributor
John Gruber - why require Hybrid Joined devices? This flies in the face of current Microsoft preference to move customers to a cloud-only solution, meaning Azure joined only.