In Azure AD we have different tools and features to protect access to corporate information by end users. To help on deploying a first security layer to protect user access to Office 365, Microsoft provides the Security Default feature in Azure AD. By enabling Security Defaults we not only add this first security layer, but we also “buy” some time to properly plan and design the security strategy for our organization. If you are curious to know the details of Security Defaults in Azure, I recommend you to read the following piece of information in docs.microsoft.com:
As y ou can see, the following security settings are applied when Security Defaults are enabled in Azure AD:
Requiring all users to register for Azure Multi-Factor Authentication.
Requiring administrators to perform multi-factor authentication.
Blocking legacy authentication protocols.
Requiring users to perform multi-factor authentication when necessary.
Protecting privileged activities like access to the Azure portal.
To configure Security Defaults in Azure AD (Note: Microsoft enables this setting by default in tenants created after 22nd of October 2019), browse Azure AD Admin Portal and clic on Properties:
Then, make clic in the Manage Security Defaults link so you can enable them:
As you can see, in this particular tenant I cannot enable ecurity Defaults because I have already done some security configurations in Azure AD that should not be overridden.