Security Updates

by | Nov 24, 2023 | News, Security

We need to make some security changes.

These are in accordance with the continued work by Microsoft to protect 365 users.  This will keep your configuration current with their latest advisories but may have some (limited) impact on your IT experience.  It is all about keeping your configuration cyber-safe and responding to new capabilities and tools.


Here is what you can expect:

:Conditional Access (MFA) Changes  

Microsoft Conditional Access is a tool that helps keep important information safe. It’s like a guard that checks who is allowed to enter a building. If someone is not allowed, the guard will not let them in. Similarly, Microsoft Conditional Access checks if someone is allowed to see important information and only lets them in if they are allowed – for example, where are they logging in from?

What are we doing: 

Kinetics will be ensuring customers are migrated from ‘Legacy MFA Policies’ over to the new “Manage” authentication methods for ‘Microsoft Entra ID’.  Kinetics will migrate customers over to new Conditional Access Policies that do the following. 

1.0 KARE MFA Enforcement – All users will require MFA in All Locations

2.0 KARE MFA Administrator Enforcement – This is a fallback policy for Administrator accounts to ensure they have MFA (backup to the general KARE MFA Enforcement) 

3.0 KARE Service Account Sign in – Excluded Service Accounts will be restricted to only sign in from the office.  

4.0 KARE MFA Setup Restrictions – This will require user to be in the office or already have an existing MFA Method setup to add/modify/remove existing MFA methods 


Why are we doing this: 

To Ensure all accounts are Secure, and to help with continued requirements from Microsoft.  


What could be impacted: 

Users or Service accounts that do not yet have MFA, will be required to setup MFA to sign in, we will mitigate this by forcing service accounts to only be able to sign in from one location such as the office. 

Microsoft Defender for Office 365  

What are we doing: 

Ensuring the Global Quarantine Policy is set to once per day or more frequently if already set more frequently. 

Ensuring the MDO Security Presets are configured for the customer for Safe Links, Safe Attachments, Anti-Phishing, Anti-Spam and Anti-Malware   


Why are we doing this: 

This allows us a huge benefit of keeping up with the constantly evolving Microsoft Security Standards.  


What could be impacted:  

User accounts, should see little to no impact but may get more quarantine emails as more true positives are caught.