So, it might be useful if you have a way to programmatically report on or toggle Security defaults, which is what the /policies/identitySecurityDefaultsEnforcementPolicy endpoint enables. While you can check the status of the feature and toggle it from the Azure AD blade, this UI-based approach is not always applicable. The downside is that it lacks the customizability of the individual features, especially when compared to Conditional Access policies, and is basically an “all or nothing” toggle.īecause of the “all or nothing” approach, it’s not that uncommon for Security defaults to interfere with the normal work of users and/or admins, and there have been multiple issues reported on the different technical communities, all of which caused by the feature.
#Turn off security defaults office 365 for free
While most enterprise customers have probably already configured all these settings, or are planning to, the biggest benefit of the feature is that it’s made available for free for all tenants, even those that are not licensed to use services such as Azure AD Identity Protection. Apart from disabling basic authentication and forcing MFA for admins, it includes things such as mandatory MFA registration for users.
The Security defaults feature is basically a set of pre-configured settings, intended to beef up the security of your organization. But first, a word or two about Security defaults. Continuing our exploration of the different policies objects exposed under the /policies Graph API endpoint, in this article we will discuss how to get the current state of the Security defaults feature, and change it as needed.
0 kommentar(er)
