1. Identity and Access Management

Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Privileged Users
Description: Enable multi-factor authentication for all user credentials who have write access to Azure resources. These include roles like Service Co-A...
Thu, 7 Sep, 2023 at 9:20 AM
Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users
Description: MFA reduces organizational risk and helps achieving regulatory compliance by providing an additional layer of security on top of the existing ...
Thu, 7 Sep, 2023 at 9:21 AM
Ensure Guest Users Are Reviewed on a Regular Basis
Description: Azure AD is extended to include Azure AD B2B collaboration, allowing you to invite people from outside your organization to be guest users in ...
Thu, 7 Sep, 2023 at 9:23 AM
1.4 Ensure that 'Allow users to remember multi-factor authentication on devices they trust' is 'Disabled
Description: Do not allow users to remember multi-factor authentication on devices. When you restore MFA authentication on all remembered devices for a use...
Thu, 7 Oct, 2021 at 12:40 AM
1.5 Ensure that 'Number of methods required to reset' is set to '2'
Description: Ensure that two alternate forms of identification are provided before allowing a password reset. Self-Service Password Reset(SSPR) is an Azure...
Thu, 7 Oct, 2021 at 12:46 AM
1.6 Ensure that 'Number of days before users are asked to re-confirm their authentication information' is not set to "0"
Description: Ensure that the number of days before users are asked to re-confirm their authentication information is not set to 0. Rationale: If authe...
Thu, 7 Oct, 2021 at 12:51 AM
1.7 Ensure that 'Notify users on password resets?' is set to 'Yes'
Description: Ensure that ‘Notify users on password resets?' is set to 'Yes'. If this option is set to Yes, users resetting their password recei...
Mon, 18 Oct, 2021 at 7:02 AM
1.8 Ensure that 'Notify all admins when other admins reset their password?' is set to 'Yes'
Description: Notify all admins when other admins reset their passwords. If this option is set to Yes, then all other Azure administrators receive an email ...
Mon, 18 Oct, 2021 at 7:06 AM
1.9 Ensure that 'Users can consent to apps accessing company data on their behalf' is set to 'No'
Description: Before an application can access your organization's data, a user must grant the application permissions to do so. Different permissions a...
Mon, 18 Oct, 2021 at 7:09 AM
Ensure that 'Users can add gallery apps to My Apps' is set to 'No'
Description: Ensure that Users can add gallery apps to their Access Panel" setting is set to "No” within your Azure Active Directory user setting...
Thu, 7 Sep, 2023 at 9:26 AM