Forum Discussion
Transition from baseline policies to security defaults
Hi team,
Any action required from all end users or affect to them if we we transition to security defaults in Office 365 admin?
Note; currently we are uses baseline policies and all users is already apply MFA using text code & Microsoft Authentication app.
Regards,
Vichet
Vichet SIM Yes, highly recommend starting with Alex’s spreadsheet here https://www.itpromentor.com/conditional-access-for-the-smb-a-how-to-guide/ Use his spreadsheet and customise it to your needs. Makes it far easier to design them, and is also a good starting point.
- Vichet SIMCopper Contributor
Hi All,
Since Security Default are block legacy authentication protocol for whole tenant. If some of users required this protocol such as IMAP for some use-case, How do we exclude it?
Thanks for help.
Regards,
- CloudHalIron Contributor
Vichet SIM you can't, you would need to use conditional access instead and build some policies. But that would require AAD premium.
- Vichet SIMCopper Contributor
CloudHal thanks you. Can you provide some tip how build some policies in conditional access. We will go through to AAD premium to fix the issue.
Regards,
Well for starters, SMS/text is not an available method with security defaults in place. Read the documentation for all the other differences: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults
- CloudHalIron ContributorI found that this is not true however. You need to register with the app, but after that you can go back to aka.ms/mfasetup and register all the other methods, and they also work just fine.