Microsoft 365 Security Best Practices: When to Use Security Defaults

Just as you would never leave your physical office unlocked and unattended, securing your technology is equally crucial.

But wading through complex security settings can be overwhelming (to say the least).

This is where Microsoft 365's default security settings come in—a basic approach that offers a surprising amount of protection for your business.

M365 Default Security Settings: the Details

Security defaults address many common cyberthreats, including phishing attacks and password-based compromises.

Imagine a burglar trying to pick a flimsy lock. With security defaults enabled, you've installed a solid deadbolt. This immediately eliminates many risks associated with outdated authentication methods like POP3, which lack the multifactor authentication (MFA) that's become standard in today's cybersecurity best practices.

In the same vein, Microsoft 365’s preconfigured security defaults are basic security for your technology—a significant layer of protection from cybercriminals for the lowest cost.

Security defaults include:

  • Requiring all users to register for multifactor authentication
  • Requiring administrators to use multifactor authentication
  • Requiring users to use multifactor authentication when necessary
  • Blocking legacy authentication protocols (e.g., IMAP, POP, SMTP)
  • Protecting privileged activities like access to the Azure portal

If your M365 tenant was set up on or after October 22, 2019, security defaults are automatically turned on.

If your tenant was created prior to that date, be sure to turn them on manually. It's a simple step—free with Microsoft Entra ID licensing—with significant benefits.
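Before turning security defaults on in an older tenant, it helps to know which accounts still sign in over the legacy protocols that will be blocked. The script below is an added example, not code from the original article: it summarises legacy-protocol sign-ins per user from records shaped like an Entra ID sign-in log export. The sample records are constructed, and the set of client-app labels is an assumption covering only the protocols named above.

```python
import json

# Constructed sample records, shaped like entries exported from the Entra ID
# sign-in log (fields: userPrincipalName, clientAppUsed, createdDateTime, status).
SAMPLE_SIGNINS = json.loads("""
[
 {"userPrincipalName": "alice@example.com", "clientAppUsed": "IMAP4",
  "createdDateTime": "2024-05-01T08:00:00Z", "status": {"errorCode": 0}},
 {"userPrincipalName": "alice@example.com", "clientAppUsed": "Authenticated SMTP",
  "createdDateTime": "2024-05-02T09:30:00Z", "status": {"errorCode": 0}},
 {"userPrincipalName": "bob@example.com", "clientAppUsed": "Browser",
  "createdDateTime": "2024-05-02T10:00:00Z", "status": {"errorCode": 0}},
 {"userPrincipalName": "Scanner@example.com", "clientAppUsed": "POP3",
  "createdDateTime": "2024-05-03T01:00:00Z", "status": {"errorCode": 50126}},
 {"userPrincipalName": "scanner@example.com", "clientAppUsed": "POP3",
  "createdDateTime": "2024-05-03T01:00:05Z", "status": {"errorCode": 50126}},
 {"userPrincipalName": "carol@example.com", "clientAppUsed": "Mobile Apps and Desktop clients",
  "createdDateTime": "2024-05-03T02:00:00Z", "status": {"errorCode": 0}}
]
""")

# Assumption: client-app labels for the legacy protocols the article names.
# Extend this set to match the values that appear in your own export.
LEGACY_CLIENT_APPS = {"IMAP4", "POP3", "Authenticated SMTP"}

def legacy_auth_report(signins, legacy_apps=LEGACY_CLIENT_APPS):
    """Summarise legacy-protocol sign-ins per user (UPNs compared case-insensitively)."""
    report = {}
    for rec in signins:
        app = rec.get("clientAppUsed")
        if app not in legacy_apps:
            continue
        user = (rec.get("userPrincipalName") or "<unknown>").lower()
        entry = report.setdefault(
            user, {"protocols": set(), "count": 0, "succeeded": 0, "last_seen": ""})
        entry["protocols"].add(app)
        entry["count"] += 1
        # errorCode 0 means the sign-in succeeded: a working dependency that will break.
        if (rec.get("status") or {}).get("errorCode") == 0:
            entry["succeeded"] += 1
        # Same-format UTC ISO 8601 strings sort chronologically as plain text.
        entry["last_seen"] = max(entry["last_seen"], rec.get("createdDateTime") or "")
    return {u: {**e, "protocols": sorted(e["protocols"])} for u, e in sorted(report.items())}

if __name__ == "__main__":
    for user, info in legacy_auth_report(SAMPLE_SIGNINS).items():
        print(user, info)
```

Accounts with a non-zero `succeeded` count have a working legacy-protocol dependency and need a modern-authentication client before the block takes effect.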

Is M365's Default Security Enough for My Business?

Are the default settings right for your particular business? That depends on many factors, including its size and industry.

While default security might work for small businesses that are not geographically dispersed and also don’t have a standard security policy in place, highly regulated industries like defense contracting will almost certainly require more granular control.

And of course, as your business grows in size and complexity, so should your security.

How to Disable Microsoft 365 Default Security

Don't. There is no longer a world in which your business will not be the target of an attempted cyberattack. Security defaults, while an additional step and an occasional annoyance, offer the basic protection that just might save you from a financial and PR nightmare.

Putting It All Together

M365's security defaults are a low-effort, high-reward way to significantly improve your company's security posture.

And you're never alone! WYRE always helps by tailoring our managed security solutions to your specific needs, ensuring your technology is safeguarded from emerging threats.

Focus on your business—we'll take care of the rest.
