Ensure Security Defaults is enabled on Azure Active Directory
Security defaults in Azure Active Directory (Azure AD) make it easier to be secure and help protect your organization. Security defaults contain preconfigured security settings for common attacks.
Risk Level: High
Cloud Entity: AD Security Defaults
CloudGuard Rule ID: D9.AZU.IAM.38
Covered by Spectral: No
Category: Active Directory
GSL LOGIC
ADSecurityDefaults should have isEnabled=true
REMEDIATION
From Portal
To enable security defaults in your directory:
- From Azure Home select the Portal Menu.
- Browse to Azure Active Directory and select 'Properties'.
- Select 'Manage security defaults' link down below.
- Set the 'Enable security defaults' toggle to Yes.
- Select Save.
Note: For all new Tenants, Security Default is enabled by Default.Please note that at this point of time, there is no Azure CLI or other API commands available to programmatically conduct security configuration for this recommendation.
References
- https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults
- https://techcommunity.microsoft.com/t5/azure-active-directory-identity/introducing-security-defaults/ba-p/1061414
- https://workbench.cisecurity.org/sections/722878/recommendations/1182655
AD Security Defaults
Security Defaults is to ensure that all organizations have at least a basic level of security enabled at no extra cost
Compliance Frameworks
- AZU PCI-DSS 4.0
- Azure CIS Foundations v. 1.2.0
- Azure CIS Foundations v. 1.3.0
- Azure CIS Foundations v. 1.3.1
- Azure CIS Foundations v. 1.4.0
- Azure CIS Foundations v. 1.5.0
- Azure CIS Foundations v.2.0
- Azure CloudGuard Best Practices
- Azure NIST 800-53 Rev 5
- CloudGuard Azure All Rules Ruleset
Updated over 1 year ago