Human Intelligence / Security for Dev's

CRW01 Fear the Defaults - Take Control of Your Entra ID Configuration


8:00am - 9:15am

Level: Intermediate

Jan Ketil Skanke

Security MVP, Enterprise Mobility MVP

COO and Principal Cloud Architect


For many organizations, moving to Microsoft 365 is a given these days. The lure of collaboration, simple(ish) licensing, and built in security checks all the boxes. Unfortunately, just because it is in the cloud, and you have security features, doesn't mean they are enabled or enforced in an effective way.

Do you think the default is good enough? You already got all the security licenses, right?

In this session we will take you through the top security related considerations when it comes to hardening default out of the box Entra ID environments. From applications, to groups, to conditional access, all of which can be used and leverage as a grounds of attack, so know understand the risks, and how to mitigate against them.

At the end of this session, you will be forewarned and forearmed to deal with the fires within your tenant that you did not know were there.

You will learn:

  • The risk of using the defaults
  • What you need to get to an acceptable state
  • About hardening and controlling privileged access