1. Identity and Access Management
Description: Enable multi-factor authentication for all user credentials who have write access to Azure resources. These include roles like Service Co-A...
Thu, 7 Sep, 2023 at 9:20 AM
Description: This control ensures that all non-privileged user accounts have Multi-Factor Authentication enabled to provide an additional layer of iden...
Tue, 23 Dec, 2025 at 9:56 AM
Description: Azure AD is extended to include Azure AD B2B collaboration, allowing you to invite people from outside your organization to be guest users in ...
Thu, 7 Sep, 2023 at 9:23 AM
Description: Do not allow users to remember multi-factor authentication on devices. When you restore MFA authentication on all remembered devices for a use...
Thu, 7 Oct, 2021 at 12:40 AM
Description: Ensure that two alternate forms of identification are provided before allowing a password reset. Self-Service Password Reset(SSPR) is an Azure...
Thu, 7 Oct, 2021 at 12:46 AM
Description: Ensure that the number of days before users are asked to re-confirm their authentication information is not set to 0. Rationale: If authe...
Thu, 7 Oct, 2021 at 12:51 AM
Description: This control ensures users receive notifications whenever their password is reset by an administrator in Microsoft Entra ID. Enabling notifica...
Tue, 23 Dec, 2025 at 11:28 AM
Description: This Microsoft Entra ID (Azure AD) setting controls whether all administrators are notified when another administrator resets a password. Enab...
Tue, 23 Dec, 2025 at 11:35 AM
Description: Before an application can access your organization's data, a user must grant the application permissions to do so. Different permissions a...
Mon, 18 Oct, 2021 at 7:09 AM
Description: This setting controls whether users in the organization are allowed to add applications from the Azure AD / Microsoft Entra ID application gal...
Tue, 23 Dec, 2025 at 11:49 AM