Microsoft introduces new security defaults to Azure AD. This is available to all levels of licenses. That includes trial tenants.
After introducing the defaults for security, it got enabled for over 60K users. These users were all new tenants. Moreover, the feature replaced the baseline policies for protection. Furthermore, 5K have also opted into the defaults.
The end goal is for every organization to have basic security. Microsoft is providing security at no additional cost. All users on Azure AD should have a level of security enabled.
Preconfigured defense for identity-related attacks on Azure AD
Security defaults that AAD has are basically security settings. These are recommended by Microsoft. They contain preconfigured settings for attacks that are common. Such as replay, phishing, and password spray.
Security defaults give secure default options that are managed on behalf of the companies. This keeps the clients safe. Till they are ready to take care of their own security. As said by Alex. Who is the Director for identity security.
He further said. Microsoft will be managing security. Like they do for one drive, outlook, Xbox and skype users.
As of right now, security defaults will need customers to register for MFA. Moreover, it will make it difficult for users to sign in from a new device. A multi-factor login will give challenges and roles. Furthermore, will disable legacy auth clients that have no MFA support.
The MFA aim is explained with that MFA prevents around 99.9% of accounts to be compromised.
The password doesn’t matter. The MFA, however, does. The account is 99.9% less vulnerable to attacks. If MFA is enabled.
If customers use anything beyond their passwords. The chance drops of their accounts getting hacked. Since the costs of hacking increase, people avoid attacking that account. Hence, the hacked accounts are 0.1% of the population.
Enabling default from Azure AD portal
The security defaults may be enabled from the portal of azure.
You can follow this procedure:
- Sign in to the Azure portal. You will need security admin access. Conditional or global admin access
- Go to properties. From AAD
- Click on Manage Security Defaults
- Toggle the enable security default to yes
- Select save
AAD admins that use Conditional access are not the target. Those who are looking for flexibility and companies directory settings and managing shouldn’t worry. They can still use conditional access and its policies.
Conditional access will prevent customers to use default security. Hence they can configure policies that will act the same as those provided with security default.
Alex further states that since organizations’ accounts are vulnerable. They had to take similar measures as they do for customers. Hence, the introduction of security defaults takes place.
Microsoft is applying defaults currently to new tenants. Then it will start applying to old ones. Who hasn’t done it themselves.
Announcement of Azure AD
Microsoft also announced an addition in October. They added the AAD sign-in history feature. This detects unusual logins. Furthermore, it also helped enhance Azure. Moreover, Microsoft 365 delegation capabilities get enhance as well.
AAD Identity detection increases by 100%. This was in August. A 30% decrease is in the false-positive rates.
The AAD password protection is available generally in April. This makes it possible to block passwords that are commonly in use. Moreover compromised passwords. Hence, reduced password spray attacks. Lowering risks.