General

This check verifies whether Conditional Access policies are used instead of Security Defaults.

Rationale

Microsoft 365 comes with Security Defaults enabled by default. The advantage of this is that basic security measures are automatically activated. However, for organizations with an Entra ID P1 or P2 license, using Conditional Access provides more control over how someone can access the Microsoft environment. Because Attic uses Conditional Access to refine that access, its use is also recommended.

Attic Fix

A fix is available for this check! It will be offered via a ticket in Attic, which you can then accept.

Manual instructions

Follow these steps to disable Security Defaults so that Conditional Access can be used:

1. Go to the Entra admin center at https://entra.microsoft.com
2. Open Identity > Overview > Properties
3. Select Manage security defaults
4. Set Security defaults to Disabled

More information

1. https://learn.microsoft.com/en-us/entra/fundamentals/security-defaults