Excahnge online tenand admin increase security

%3CLINGO-SUB%20id%3D%22lingo-sub-1779071%22%20slang%3D%22en-US%22%3EExcahnge%20online%20tenand%20admin%20increase%20security%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1779071%22%20slang%3D%22en-US%22%3E%3CP%3EHello!%3C%2FP%3E%3CP%3EWe%20would%20like%20to%20secure%20the%20admin%20role%20accounts%20for%20exchange%20online.%20I%20read%20about%20limiting%20acces%20to%20IP-s%20and%20countrys%2C%20but%20i%20did%20not%20managed%20to%20use%20any%20of%20them.%20Other%20way%20to%20set%20up%20MFA%2C%20but%20with%20many%20tenants%20and%20many%20amins%20it%20is%20not%20possible%20to%20use%20this%20except%20if%20a%20IP%20is%20whitelisted.%20I%20tried%20to%20set%20up%20this%20too%20but%20failed%20again.%20Is%20there%20any%20other%20way%20or%20option%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1779071%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1779092%22%20slang%3D%22en-US%22%3ERe%3A%20Excahnge%20online%20tenand%20admin%20increase%20security%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1779092%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F831905%22%20target%3D%22_blank%22%3E%40petersonal%3C%2FA%3E%26nbsp%3BHello%2C%20I%20don't%20really%20understand%20to%20be%20honest.%20But%20may%20I%20suggest%20the%20'Security%20defaults'%20as%20it%20makes%20security%20administration%20much%20easier.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Ffundamentals%2Fconcept-fundamentals-security-defaults%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Ffundamentals%2Fconcept-fundamentals-security-defaults%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
New Contributor

Hello!

We would like to secure the admin role accounts for exchange online. I read about limiting acces to IP-s and countrys, but i did not managed to use any of them. Other way to set up MFA, but with many tenants and many amins it is not possible to use this except if a IP is whitelisted. I tried to set up this too but failed again. Is there any other way or option?

3 Replies
Highlighted

@petersonal Hello, I don't really understand to be honest. But may I suggest the 'Security defaults' as it makes security administration much easier.

 

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-d...

Highlighted

@bec064 Sorry for my bad description. My goal is to increase the security of the exchange online admin accounts. For example, if someone cracks the admin password and starts malicious activities we must be notified somehow. Better to do some preventive actions, like turning MultiFactorAuth on for admin accounts. Hope this clears my problem, if not please let me know.

Highlighted

@petersonal Hello, now I understand better. These links will provide guidance and best practices for securing your accounts.

 

MFA support in Microsoft 365
https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/multi-factor-authentica... 

 

Protect your Microsoft 365 global administrator accounts
https://docs.microsoft.com/en-us/microsoft-365/enterprise/protect-your-global-administrator-accounts... 

 

Security guidelines for assigning roles
https://docs.microsoft.com/en-us/microsoft-365/enterprise/protect-your-global-administrator-accounts...