Microsoft is making changes to improve security for its users through the Secure Future Initiative. One of the key principles is being secure by default, which means that security protections are enabled automatically. For example, in Microsoft Entra, security defaults are always on for every new tenant, providing a basic level of protection for user identities and resources.
To further enhance security, Microsoft is now requiring all users to register for multifactor authentication (MFA) on their first login after security defaults are enabled. This will help prevent account compromise, as MFA is highly effective against identity-based attacks. This change will start for new tenants in December 2024 and will be rolled out to existing tenants in January 2025.
Organizations that are not using Conditional Access are advised to enable security defaults, as they offer a simple yet effective way to protect users and resources from common threats. For more information on these updates and how to prepare your users, review Microsoft’s documentation.
Overall, these updates are part of Microsoft’s ongoing effort to provide a secure and reliable identity service. By taking proactive security measures like enabling security defaults, organizations can better protect themselves from potential security breaches and attacks.
Source: https://techcommunity.microsoft.com/t5/microsoft-entra-blog/update-to-security-defaults/ba-p/4044868