Jan 20 2023 09:37 AM
1. Block login except from certain countries
2. Block unused device operating systems
3. Require compliant devices
4. Require Hybrid Azure AD joined device
5. Require an app protection policy
6. Block high-user risk
7. Block high sign-in risk
8. Require MFA
9. Block basic/legacy authentication
To learn how to set them up go to 9 Conditional Access Policies You'll Kick Yourself for Not Setting Up
Jan 22 2023 12:30 PM
SolutionOct 16 2023 06:37 AM
@John Gruber - why require Hybrid Joined devices? This flies in the face of current Microsoft preference to move customers to a cloud-only solution, meaning Azure joined only.
Mar 19 2024 01:01 PM
@RonS_ except "hybrid" is an official end state.
Jan 22 2023 12:30 PM
Solution