Microsoft 365 security baseline

Challenge

Basic logins were still in use and devices were not consistently updated. Security settings differed between departments and there was no simple baseline.

Approach

• Enabled multi factor authentication for all users
• Applied simple device rules like encryption and active antivirus
• Provided short and clear user guidance for the new sign in steps

Outcomes

• All accounts protected with MFA within one month
• Fewer account lockouts and password reset tickets
• Leadership gained confidence in a solid and simple baseline

What made it work

Keep changes small and steady, document clearly, and sequence major steps around business milestones.