![]() In a May 25 post, Microsoft announced the extension of Security Defaults to protect tenants created before October 2019. Combined with conditional access policies, MFA erects a substantial barrier against account compromise. Even MFA based on SMS messages is so much better than basic authentication with username and password. In a nutshell, this means that accounts in those tenants use multi-factor authentication (MFA) unless administrators decide otherwise. In October 2019, Microsoft enabled Azure AD Security Defaults for new tenants. ![]() Which is why Azure AD Security Defaults exist. Secure servers are good, but user account compromise still happens to give attackers a route into Office 365 tenants. Microsoft manages servers and takes care of basic maintenance and other matters of server hygiene. It becomes potentially disastrous and a one-way ticket to compromise when they are.Īs you might have heard once or twice before, things are different in the cloud. This is acceptable when the servers aren’t exposed to the internet. One of the lessons learned from last year’s Hafnium fiasco was that some organizations with on-premises Exchange servers don’t manage them very well. Need for Protection (and Good Security Defaults) Evident in the Cloud Need for Protection (and Good Security Defaults) Evident in the Cloud.
0 Comments
Leave a Reply. |