How to Harden the Security of Your Microsoft 365 Tenant, Part 1

Octavian Mihail Romanescu
Sep 24, 2024

In this series of articles, we are going to talk about how to improve the security of our tenant.

First, we are going to talk about how to avoid Enterprise Application phishing attacks.

Enterprise Applications allow first- or third-party apps to integrate with Microsoft 365, providing Single Sign-On and access to data such as files and emails. However, attackers exploit this by tricking users into adding malicious Enterprise Applications to a tenant, granting the app permissions that bypass Multi-Factor Authentication (MFA) and password changes. This method can also be used to launch ransomware attacks on Exchange Online.

To disable the ability for users to grant consent for Enterprise Applications, open the Azure AD admin center and navigate to Enterprise Applications > Consent and Permissions.

We will see that, by default, the option Allow user consent for apps is applied. Now we have to choose either Do not allow user
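The same setting can be audited and changed from PowerShell. The following is an added example, not code from the original article; it assumes the Microsoft Graph PowerShell SDK (Microsoft.Graph module) is installed and that the signed-in admin can consent to the Policy.ReadWrite.Authorization scope.

```powershell
# Added example (not from the original article): audit and disable end-user
# consent through the tenant authorization policy.
# Assumption: Microsoft.Graph module installed, admin account signing in.
Connect-MgGraph -Scopes 'Policy.ReadWrite.Authorization'

# Read the permission grant policies assigned to the default user role.
$policy   = Get-MgPolicyAuthorizationPolicy
$assigned = @($policy.DefaultUserRolePermissions.PermissionGrantPoliciesAssigned)

# Entries prefixed "ManagePermissionGrantsForSelf." are what allow a user to
# consent to an app on their own behalf (the portal's user consent setting).
$selfConsent = @($assigned | Where-Object { $_ -like 'ManagePermissionGrantsForSelf.*' })

if ($selfConsent.Count -eq 0) {
    Write-Output 'User consent for apps is already disabled.'
}
else {
    Write-Output "User consent is currently allowed by: $($selfConsent -join ', ')"

    # Remove only the self-consent entries and keep everything else, such as
    # ManagePermissionGrantsForOwnedResource.* entries used for group owner consent.
    $keep = @($assigned | Where-Object { $_ -notlike 'ManagePermissionGrantsForSelf.*' })

    Update-MgPolicyAuthorizationPolicy -BodyParameter @{
        defaultUserRolePermissions = @{
            permissionGrantPoliciesAssigned = $keep
        }
    }

    # Read the policy back to confirm the change was applied.
    $after = @((Get-MgPolicyAuthorizationPolicy).DefaultUserRolePermissions.PermissionGrantPoliciesAssigned)
    Write-Output "Policies assigned after change: $($after -join ', ')"
}
```

Apps that users consented to before the change keep their existing grants, so review the current Enterprise Applications separately.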
