Update Email standards for DKIM, SPF, DMARC and secure your email.
| TEAMS, OD AND SHAREPOINT |
| Task Name |
| Utilize Private Channels |
| Block External Access |
| Limit Guest Access |
| Turn off File Sharing and File Storage Options |
| Block Third-Party Applications |
| Restrict Users who can Create Teams Channels |
| Set Teams Expiration |
| Set up Advanced Threat Protection Policies for Teams |
| Set up app Protection Policies |
| Set up Data Loss prevention Policies |
| Block External Sharing |
| Configure Expiration Time for External Sharing Links |
| Secure Classic Settings |
| Adopt the OneDrive Sync Client |
| EXCHANGE ONLINE |
| Task Name |
| Update Outlook Web App Policies |
| External Email Tagging |
| Enable Email Encryption |
| Enable Client Rules Forwarding Blocks |
| Set Outbound Spam Notifications |
| Do not allow mailbox delegation |
| Disallow Calendar Sharing |
| Spam Filtering |
| Malware |
| Anti-Phishing Policy |
| Configure ATP Safe Links and Safe Attachments Policy |
| Add SPF, DKIM, and DMARC |
| Do not Allow Calendar Details Sharing |
| Auditing and Reporting |
| Enable Audit Log Search |
| Enable Mailbox Auditing for All Users |
| Configure User reported settings |
| GENERAL M365 |
| Task Name |
| Enable MFA for users |
| Enable MFA For Admins |
| Customize Company Branding |
| Implement 3rd part backups |
| Implement Backup Test Protocol |
| Block Legacy Authentication |
| Enable Self-Service Password Reset |
| Audit accounts not used in last 30 |
| Designate More than 1 Global Admin but fewer than 5 |
| Do not allow users to grant consent to applications |
| Disable Unused Enterprise Applications |
| Disable User Application Registration |
| Disable Outside People In Groups |
| Disable access to Office Store |
| Turn on Auditing |
