AI Checklist Generator

From the makers of Manifestly Checklists

Email address

Home > Information Technology > Microsoft 365 hardening security baselines

Microsoft 365 hardening security baselines

Preparation

Ensure all Microsoft 365 licenses are up to date.

Identify key stakeholders and assign roles for implementing security baselines.

Review current security measures in place and identify gaps.

Configuration

Enable multi-factor authentication for all users.

Navigate to the Microsoft 365 admin center.
Go to 'Users' and select 'Active users'.
Click on 'Multi-factor authentication' and enable it for all users.

Implement strong password policies.

Go to 'Azure Active Directory' in the Microsoft 365 admin center.
Navigate to 'Security' and then 'Authentication methods'.
Set password policies such as length, complexity, and expiration.

Enable audit logging and monitoring.

Access the 'Security & Compliance Center' in Microsoft 365 admin center.
Go to 'Audit log search' and enable auditing for relevant activities.
Set up alerts for suspicious activities.

Disable legacy authentication protocols.

Access 'Azure Active Directory' in the Microsoft 365 admin center.
Navigate to 'Security' and then 'Authentication methods'.
Disable legacy protocols such as POP, IMAP, and SMTP.

Implement data loss prevention policies.

Go to the 'Security & Compliance Center' in Microsoft 365 admin center.
Navigate to 'Data loss prevention' and create policies to protect sensitive information.
Apply these policies to relevant users and data.

Enable encryption at rest and in transit.

Access 'Microsoft 365 admin center' and go to 'Settings'.
Navigate to 'Services & add-ins' and select 'Data encryption'.
Enable encryption for data at rest and in transit.

Endpoint Protection

Ensure all devices have up-to-date antivirus software installed.

Implement device encryption on all endpoints.

Enable Windows Defender Firewall.

Enable Windows Defender Antivirus.

Implement application whitelisting.

Email Security

Enable Exchange Online Protection.

Implement anti-phishing policies.

Enable email encryption.

Train users on email security best practices.

Access Control

Implement role-based access control.

Regularly review and update user access permissions.

Enable Azure AD Conditional Access policies.

Implement Just-In-Time access for privileged accounts.

Incident Response

Develop an incident response plan.

Conduct regular security training and awareness programs.

Implement automated threat response mechanisms.

Regularly conduct security assessments and penetration testing.

Download CSV Download JSON Download Markdown

Use in Manifestly

Related Checklists

Security Checklist

Security Checklist is an important tool to identify, assess and manage security risks in order to protect information systems and data.

view →

Server Maintenance Checklist

A server maintenance checklist is an important tool for ensuring the stability and reliability of a server system.

view →

Desktop Configuration Checklist

A Desktop Configuration Checklist is a valuable tool for ensuring that systems are configured securely and consistently.

view →

Incident Response Checklist

An Incident Response Checklist is essential for ensuring a timely, effective, and organized response to security incidents.

view →

Data Backup Checklist

A Data Backup Checklist is an important tool for ensuring that important data is regularly backed up and secure.

view →

Software Update Checklist

A Software Update Checklist is essential to ensure that all of your software is up-to-date and running optimally.

view →

Server Configuration Checklist

The Server Configuration Checklist is an important tool for ensuring that a server is properly set up and secured for the intended purpose.

view →

Performance Monitoring Checklist

Performance Monitoring Checklist is a tool used to ensure a system is running efficiently and effectively, and to identify and address any potential problems or issues.

view →

Network Maintenance Checklist

Network Maintenance Checklists provide a structured way to ensure that all critical network components are regularly monitored and maintained, helping to ensure the network's stability and security.

view →

Patch Management Checklist

Patch Management Checklist is important for IT departments to ensure that all systems are up-to-date and secure from potential security threats.

view →

Disaster Recovery Checklist

A Disaster Recovery Checklist is an important tool for organizations to use to ensure that all necessary steps are taken to protect and maintain their IT systems in the event of an emergency.

view →

Software Installation Checklist

A software installation checklist helps ensure that all required components are installed correctly and efficiently, minimizing the risk of errors and providing a consistent and seamless user experience.

view →

User Access Control Checklist

User Access Control Checklists are important for ensuring that only authorized users have access to sensitive information and systems.

view →

Hey there! Here's a little about us or visit our recurring workflow SaaS: Manifestly Checklists

Light Dark