Create a Conditional Access Policy Design: The Baseline

Creating a set of Conditional Access policies on your own without ever seeing how other orgs do it can be hard. In this series, we will be showcasing different policy designs and providing examples of practical deployments to meet various organizational requirements. These policies are designed to be templates that can be easily customized to fit the unique needs of your organization.

In this video, we will be focusing on the design of the “Baseline” policy. The Baseline policy is designed to tackle the following scenarios:
• Require MFA for all Admins, Users, and Guest
• Block Legacy Auth
• Set up separate policies for future growth and additional security

By the end of the video, you will have a solid simple CA policy that will keep your environment safe and secure. So if you are looking for a step-by-step guide on creating a Conditional Access Policy, be sure to watch this video, and stay tuned for the next videos in the series.

R E S O U R C E S
https://github.com/dougsbaker/Public-Toolbox/blob/main/Resources/ConditionalAccess/TheBaseline.xlsx
https://learn.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access
https://learn.microsoft.com/en-us/azure/active-directory/roles/best-practices#5-limit-the-number-of-global-administrators-to-less-than-5:~:text=Microsoftrecommendsthatyoukeep,accountsinAzureAD.

C H A P T E R S
00:00 Start
01:00 Policy Design
04:39 [MFA] Admin Accounts
10:54 [MFA] Standard Users
14:51 [Block] Legacy Auth
16:51 [MFA] Guest Users
18:31 Video Wrap up