Forum Discussion
About Microsoft 365 Defender Policies & Rules
Hi Everyone, There are a few issues with Microsoft 365 defender. What policies and rules should I add to or add to other than Microsoft's default policies and rules? Suggestions about the...
Hi Software_C,
First question - It really depends on what you are trying to protect against. If you need more than Microsoft's defaults to address a risk scenario, yes, you have to add policies and rules to address them. Do you have a specific concern that is not addressed by an MS default? If not, follow the security principle of "keep it simple" and use what Microsoft has provided.
Second question - The differences between standard and strict values can be seen here.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
Microsoft's suggested use cases are:
Standard protection: A baseline protection profile that's suitable for most users.
Strict protection: A more aggressive protection profile for selected users (high value targets or priority users).
Thanks, Ash
First question - It really depends on what you are trying to protect against. If you need more than Microsoft's defaults to address a risk scenario, yes, you have to add policies and rules to address them. Do you have a specific concern that is not addressed by an MS default? If not, follow the security principle of "keep it simple" and use what Microsoft has provided.
Second question - The differences between standard and strict values can be seen here.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
Microsoft's suggested use cases are:
Standard protection: A baseline protection profile that's suitable for most users.
Strict protection: A more aggressive protection profile for selected users (high value targets or priority users).
Thanks, Ash
