Security Best Practices For Microsoft Partners
Security Best Practices For Microsoft Partners
practices for
Microsoft partners
Improve your security posture
with Microsoft tools, resources,
trainings, and platforms.
Version 1.1
Why security matters Microsoft is invested in keeping our ecosystem
secure as cyberthreats rise.
for you and your
customers The volume of password attacks has risen to
an estimated 921 attacks every second—
a 74% increase in just one year.1
With the rise in sophisticated
cybersecurity attacks, security
continues to be one of the top Microsoft synthesizes 43 trillion1
challenges of our digital age. security signals daily, using sophisticated
analytics to understand and protect
against digital threats.
Today, anything less than
comprehensive security is no
Microsoft has 8,500+ engineers, data
security at all. scientists, cybersecurity experts, threat
hunters, geopolitical analysts, and frontline
responders across 77 countries.1
framework to become a
you can keep the data belonging to you, your business,
and your employees safe from cyberattacks.
1. Gartner: “Forecast: Information Security and Risk Management, Worldwide, 2020-2026, 3Q22 Update,”
September 28, 2022.
Microsoft will deliver ongoing guidance
and resources to help you adopt
stronger protective measures.
To successfully implement Zero Trust
across our ecosystem, we’re relying on
Creating a safer world for all— you to take the necessary security
together actions.
By working together, we can better plan
for shifts in the cybersecurity landscape
and proactively respond to risk for years
to come.
Implement a strong approach to security
With new threats constantly emerging, Learn and Identify and add
security must remain a top priority for upskill security contacts
your business—and tasks should be
properly delegated to ensure a
sustainable system.
upskill
Learn the best ways to implement the Zero Trust framework and deploy
and sell security products and services.
Key role:
Security Operator/Analyst
or Security Administrator
Identify and Security contact responsibilities and guidance
add security
contacts
Establish a point of contact The security contact is an individual or group within your organization who will
for security information. serve as the point of contact if Microsoft detects a threat. The contact must have
an inbox that can be monitored constantly—we recommend using a distribution
list—and respond with urgency to investigate and remedy security concerns.
Key role:
Security Administrator
Secure your Enforce multifactor authentication (MFA) for all
users in tenants for you and your customers
identities
Your identity secure score shows MFA is a key component of the Learn more about the Azure
Safeguard against how aligned you are with
Microsoft’s security
Azure Active Directory security
defaults. Explore the benefits of
Active Directory security defaults,
including deployment
frequent attacks with recommendations—and where
you can better protect your
these defaults and follow simple
actions to enable them for your
considerations and enforced
security policies.
these simple tools. customers and business. customers.
Read time: 8 min
Read time: 6 min Read time: 5 min
Read the article
Check your score Read the blog
identities
Familiarize yourself with delegated administration Strengthen your customers’ security by monitoring
processes to improve
Read time: 5 min
Read time: 6 min
Learn how
customers’ security. Explore the FAQ
Granular delegated administration privileges (GDAP) Create new GDAP relationships with the GDAP bulk
allow customers to partition partners’ access, migration tool, which allows partners to execute the
creating an appealing option for those who have DAP-GDAP transition in batches.
regulatory privacy or security requirements.
Read time: 10 min
Read time: 2 min
Key role: Discover tool features
Learn more about GDAP
Security Administrator
Secure your Use Microsoft Defender for Endpoint
endpoints Microsoft Defender for Endpoint works to stop Watch an overview video. View time: 7 min
threats, scale defenses, and evolve your security.
Review the documentation for a deeper dive into its
Create a Conditional Access policy to ensure that all For accounts with customer tenant access, Microsoft
devices accessing an organization’s resources recommends a separate endpoint.
comply with selected security standards—such as
requiring device encryption or a PIN to unlock. Read time: 2 min
Key role:
Security Administrator
Ongoing Detect fraud
monitoring
Watch for suspicious activity by configuring your security
notifications and monitoring customer transactions.
Mitigate risk by
upholding the Zero
Trust framework.
Configure your Azure AD Gain insight into customer Azure fraud detection and
Identity Protection notification transactions by viewing and notification locates potential
emails to stay informed on at- exporting activity logs. By cryptocurrency mining activities
risk users and detected risky staying up-to-date on customer in your customers’ Azure
sign-ins (in real time). Promptly purchases, you may be able to subscriptions. Notifications
investigate suspicious activity better identify any actions that enable you to take swift action
and help ensure customer safety. seem suspicious. against fraudulent behavior.
Key role:
Security Operator/Analyst
or Security Administrator
Ongoing Manage costs
monitoring
Managing Azure costs is crucial to keeping security updated and
sharp. Microsoft offers resources to help you monitor cost trends,
detect anomalies, and track your investment in security.
Manage nonpayment, fraud, and misuse by building Cost alerts notify you when a customer’s spending
practices that reduce risk and address violations of exceeds a set amount. Types of alerts include
Microsoft policies. Because you are financially budget, credit, and department spending quota,
responsible for customers’ nonpayment and enabling you to keep a close eye on your customers’
fraudulent purchases, having a plan of action is spending—and catch any suspicious activity.
essential for your business.
Key role: Read time: 2 min
Read time: 3 min
Security Operator/Analyst
Turn on alerts
or Security Administrator Make a plan
Maintaining strong security requires more
than completing one task; it’s a continual
practice of monitoring your—and your
Continually invest in each customers'—ecosystem. Thinking critically
aspect of your security about security and regularly updating your
knowledge and tools is the only way to
remain safe in a shifting landscape.
Joining forces is the
best line of defense
At Microsoft, we’re committed to helping you
adopt security strategies that empower you and
your customers to continue achieving at the
highest level.
Together, let’s evolve to meet security Need help? Submit a support request in
challenges and protect people and Partner Center.
organizations around the globe
Stay secure by joining our “Security
Through the Lens of Zero Trust” live
webinar series or on-demand workshop.
Get the list of impacted Azure resources that have Azure fraud activities
Security best practices for partners in the Cloud Solution Provider program
Partner Learn and upskill Add a security Secure
checklist
contact identities
□ Register for the “Security through
the lens of Zero Trust” webinar □ Identify your organization’s □ Enable phish-resistant MFA for
security contact and consider your tenants.
□ Read the “Securing the channel”
setting this up as a distribution list
blog post □ Enable phish-resistant MFA for
with multiple people who can
your customer tenants.
□ Watch the on-demand security respond quickly.
workshops □ Review your DAP report and
□ Keep your contacts updated in
Improve your security posture Partner Center.
remove unneeded connections.
Key role: Security Operator/Analyst □ Migrate the DAP connections you
by completing these actions, or Security Administrator
Key role: Security Administrator
still need to GDAP.
Secure Ongoing
endpoints monitoring
□ Use secured devices to access □ Enable fraud detection and
your tenant. notifications.
□ Enforce compliant devices using □ Set up cost management, budget
Azure AD Conditional Access. limits, and related notifications on
Azure subscriptions.
□ Use next-generation antivirus and
endpoint detection, as well as □ Set up identity protection and
response products such as configure reports and alerting.
Microsoft Defender for Endpoint.
Key role: Security Operator/Analyst
Key role: Security Administrator and Security Administrator