December is typically the period with the highest volume of attacks targeting Microsoft 365 environments. The combination of holidays, staff changes, and accounting closures increases the likelihood of configuration errors.
According to the Microsoft Digital Defense Report 2024, 79% of breaches in M365 originate from configuration failures, not product vulnerabilities.
To start 2026 with a more robust environment, here are the 7 key configurations you should validate.
1. MFA enabled for all users
Microsoft notes that using MFA blocks more than 99% of credential theft attempts. Despite this, many organizations still do not apply it to sensitive accounts.
Review:
- Mandatory MFA
- MFA for global administrators
- Methods more secure than SMS
Source: Microsoft Security Blog, 2024.
2. Unified auditing enabled
If auditing is not enabled, it is difficult to detect unusual access or unauthorized changes.
Validate:
- Logs enabled
- Retention longer than 90 days
- Basic alerts configured
Source: Microsoft Purview Audit Standard, 2024.
3. Email and file retention policies
Audits at the beginning of the year often require digital evidence. Retention helps prevent information loss due to accidental or intentional deletion.
Source: NIST 800-88 Data Retention Guidelines.
4. Active anti-phishing and anti-malware alerts
Phishing remains the most common initial vector in security incidents. M365 offers advanced rules to mitigate these attacks.
Check:
- Anti-phishing (ATP)
- Anti-spoofing
- Safe Links and Safe Attachments
Source: IBM Cost of a Data Breach 2024.
5. Review privileged access
Excessive permissions remain a critical factor in serious incidents.
Review:
- Active global administrators
- Delegated roles
- External guests with elevated permissions
Source: Verizon DBIR 2024.
6. DLP configured for sensitive data
Data leak prevention helps avoid internal and external incidents.
Validate:
- Rules for financial data
- Policies for HR information
- Alerts for copying to removable devices or external clouds
Source: Gartner DLP Forecast 2024.
7. Monitoring unusual activity
Microsoft 365 can identify suspicious patterns such as access from unlikely locations or atypical behavior.
Enable:
- Identity Protection
- Impossible travel
- Risky sign-ins
Source: Microsoft Entra ID Risk Analytics.
A technical review before the end of the year reduces risks, facilitates audits, and improves operational continuity.
