By Guru Baran
Publication Date: 2025-12-20 14:17:00
Microsoft has begun deploying Baseline Security Mode across Microsoft 365 tenants, a new dashboard in the M365 Admin Center that centralizes recommended security configurations for Office, SharePoint, Exchange, Teams, and Entra.
Announced at Ignite 2025, this opt-in feature helps administrators quickly assess vulnerabilities, run impact reports, and apply risk-based hardening without immediate user disruptions.
As of December 2025, it’s appearing in select tenants under Org Settings > Security & Privacy, with full rollout targeted for late January 2026 worldwide.
Baseline Security Mode enforces 18 to 20 policies across three core areas, drawing from Microsoft’s threat intelligence and two decades of response center data.
Authentication policies 12 in total block legacy protocols like basic auth, Exchange Web Services (EWS), and IDCRL, while mandating phishing-resistant MFA for admins using FIDO2 or passkeys.
File protections limit…
