In Microsoft Entra, we group our security recommendations into several main areas. This structure allows organizations to logically break up projects into related consumable chunks.
Tip
Some organizations might take these recommendations exactly as written, while others might choose to make modifications based on their own business needs. In our initial release of this guidance, we focus on traditional workforce tenants. These workforce tenants are for your employees, internal business apps, and other organizational resources.
We recommend that all of the following controls be implemented where licenses are available. These patterns and practices help to provide a foundation for other resources built on top of this solution. More controls will be added to this document over time.
Protect identities and secrets
Reduce credential-related risk by implementing modern identity standards.
Protect networks
Protect your network perimeter.
| Check | Minimum required license |
|---|---|
| Named locations are configured | Microsoft Entra ID P1 |
| Tenant restrictions v2 policy is configured | Microsoft Entra ID P1 |
Protect engineering systems
Protect software assets and improve code security.
Monitor and detect cyberthreats
Collect and analyze security logs and triage alerts.
| Check | Minimum required license |
|---|---|
| Diagnostic settings are configured for all Microsoft Entra logs | Microsoft Entra ID P1 |
| Privileged role activations have monitoring and alerting configured | Microsoft Entra ID P2 |
| Privileged users sign in with phishing-resistant methods | Microsoft Entra ID P1 |
| All high-risk users are triaged | Microsoft Entra ID P2 |
| All high-risk sign-ins are triaged | Microsoft Entra ID P2 |
| All user sign-in activity uses strong authentication methods | Microsoft Entra ID P1 |
| High-priority Microsoft Entra recommendations are addressed | Microsoft Entra ID P1 |
| No legacy authentication sign-in activity | Microsoft Entra ID P1 |
| All Microsoft Entra recommendations are addressed | Microsoft Entra ID P1 |
Accelerate response and remediation
Improve security incident response and incident communications.
| Check | Minimum required license |
|---|---|
| Workload identities based on risk policies are configured | Microsoft Entra Workload ID |
| Restrict high-risk sign-ins | Microsoft Entra ID P2 |
| Restrict access to high-risk users | Microsoft Entra ID P2 |