Microsoft 365 Apps for enterprise security baseline by default?

New Contributor

Stupid or simple question - i couldnt find an answer.


Given i use to deploy (user) policies to M365 Apps for Enterprise. 

I see 132 security baseline policies. I read "microsoft recommended security baseline" and "if you disable or _not_ configure" the xyz secure setting is active.


That means:

Microsoft 365 Apps for enterprise are by default using the settings of the security baseline if I configure nothing?

Here the security baseline policies purpose would be to set policies to the less secure setting - in case needed?


best regards


1 Reply
best response confirmed by Rick_Munck (Microsoft)
Most (if not all) of the time, when the description says the default behavior is equivalent to what the baseline would configure, without enforcing the baseline the user can choose a less-secure configuration. The baseline ensures that the secure choice is not overridden by a user.