Cloud Security
Microsoft to roll out security defaults to millions more worldwide

Microsoft will apply security defaults to millions more users beginning in late June, the software giant announced. Pictured: A logo sits illuminated outside the Microsoft booth at the SK telecom booth of the GSMA Mobile World Congress on Feb. 28, 2022, in Barcelona, Spain. (Photo by David Ramos/Getty Images)
Microsoft announced this week that it’s rolling out security defaults to existing customers who have yet to enable the defaults or Azure AD Conditional Access, applying the defaults to millions of more customers.The software giant introduced security defaults in October 2019 for new tenants with basic security hygiene in place, especially multi-factor authentication (MFA) and modern auth requirements, regardless of license, Alex Weinert, Microsoft’s director of identity security, wrote in the announcement. Since then, more than 30 million organizations are protected by the defaults and experience 80% fewer compromises than the overall tenant population, he continued. However, tenants created before October 2019 were not included in the defaults unless they explicitly enabled features such as Conditional Access, Identity Protection and MFA — until now.Microsoft will start the security defaults for customers who don't use Conditional Access, and who aren't actively using legacy authentication clients. Redmond will notify global admins by email, and begin to apply the defaults in late June. The security defaults are expected to protect an additional 60 million accounts. “When we look at hacked accounts, more than 99.9% don’t have MFA, making them vulnerable to password spray, phishing, and password reuse,” Weinert said.
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds