Microsoft Security Defaults Check [CHK-1127]
This check verifies whether Microsoft Security Defaults are enabled.
Rationale
Enabling Microsoft Security Defaults enhances security by enforcing multi-factor authentication (MFA) for all users, blocking legacy authentication protocols, and protecting specific activities like accessing the Azure Portal.
Fix
An automated fix is available through Attic.
Manual steps:
- Sign in to the Azure AD portal at https://entra.microsoft.com
- Navigate to Overview > Properties
- At the bottom of the page, click "Manage security defaults"
- Set "Security defaults" to "Enabled"
- Click "Save" to apply the changes
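The state set in the portal can also be confirmed by reading the security defaults policy from Microsoft Graph. The following is an added example, not code from Attic or from this page; it assumes a caller-supplied access token with the Policy.Read.All permission, and the function names and sample responses are constructed for illustration.

```python
import json
import urllib.error
import urllib.request

# Microsoft Graph v1.0 resource holding the tenant's security defaults setting.
POLICY_URL = ("https://graph.microsoft.com/v1.0/policies/"
              "identitySecurityDefaultsEnforcementPolicy")


def fetch_policy(access_token):
    """GET the policy; access_token is caller-supplied (assumption)."""
    req = urllib.request.Request(
        POLICY_URL, headers={"Authorization": f"Bearer {access_token}"})
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as exc:
        # Surface HTTP failures (e.g. 403 without Policy.Read.All) as an error object.
        return {"error": {"code": f"HTTP {exc.code}"}}


def evaluate(policy):
    """Return (status, detail); status is PASS, FAIL or ERROR."""
    if not isinstance(policy, dict):
        return "ERROR", "response is not a JSON object"
    if "error" in policy:
        err = policy["error"]
        code = err.get("code", "unknown") if isinstance(err, dict) else "unknown"
        return "ERROR", f"Graph returned error: {code}"
    enabled = policy.get("isEnabled")
    if not isinstance(enabled, bool):
        # A missing or non-boolean value must never be read as "enabled".
        return "ERROR", "isEnabled missing or not a boolean"
    if enabled:
        return "PASS", "security defaults enabled"
    return "FAIL", "security defaults disabled"


# Constructed sample responses (not captured from a real tenant).
SAMPLES = [
    {"displayName": "Security Defaults", "isEnabled": True},
    {"displayName": "Security Defaults", "isEnabled": False},
    {"error": {"code": "Authorization_RequestDenied", "message": "constructed"}},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(evaluate(sample))
```

Against a live tenant, call `evaluate(fetch_policy(token))`; an ERROR result means the state could not be determined and should not be treated as a pass.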
Impact
Upon successful implementation, all users will be required to register for MFA using the Microsoft Authenticator app. Administrators will always perform MFA, users will perform MFA in specific cases, and legacy authentication protocols will be blocked.
More Information
For more details, visit Microsoft Security Defaults