Microsoft has begun deploying Baseline Security Mode across Microsoft 365 tenants, a new dashboard in the M365 Admin Center that centralizes recommended security configurations for Office, SharePoint, Exchange, Teams, and Entra.
Announced at Ignite 2025, this opt-in feature helps administrators quickly assess vulnerabilities, run impact reports, and apply risk-based hardening without immediate user disruptions.
As of December 2025, it’s appearing in select tenants under Org Settings > Security & Privacy, with full rollout targeted for late January 2026 worldwide.
Baseline Security Mode enforces 18 to 20 policies across three core areas, drawing from Microsoft’s threat intelligence and two decades of response center data.
Authentication policies 12 in total block legacy protocols like basic auth, Exchange Web Services (EWS), and IDCRL, while mandating phishing-resistant MFA for admins using FIDO2 or passkeys.
File protections limit risky behaviors, such as opening documents via insecure HTTP/FTP protocols, ActiveX, DDE, or legacy formats outside Protected View, and disable vulnerable tools like Microsoft Publisher ahead of its 2026 retirement.
Public preview and general availability started mid-November 2025, with phased deployment completing by March 2026 for GCC, DoD, and GCCH clouds.
Admins with Security or Global roles can enable it directly: select “Automatically apply default policies” for seven low-impact controls or “Generate report” for simulation on the rest, reviewing audit-based impact data within 24 hours. No tenant disruptions occur until changes are approved, and progress tracking shows “At risk” or “Meets standards” statuses.
This secure-by-default model addresses common misconfigurations, closing gaps exploited in credential stuffing, phishing, and supply chain attacks.
By simplifying enforcement across services, it prepares organizations for AI-driven threats under the Secure Future Initiative, with future expansions to Purview, Intune, and Azure planned. Tenants seeing it now, like the users, gain an edge in proactive defense amid rising ransomware and APT campaigns.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Microsoft Rolls Out Baseline Security Mode for Office, SharePoint, Exchange, Teams, and Entra appeared first on Cyber Security News.
