Skip to main content
IT KORR
IT KORRKeeping Organizations Reliable & Resilient
Microsoft 365 Security · Download

Conditional Access Baseline Workbook

A workbook for planning Microsoft 365 workload-specific Conditional Access policies — Exchange, SharePoint, Teams, and admin portals.

IT KORR Knowledge Center

Conditional Access Baseline Workbook

A workbook for planning Microsoft 365 workload-specific Conditional Access policies — Exchange, SharePoint, Teams, and admin portals.

Exchange Online

  • Legacy authentication blocked: [status]
  • Admin center MFA verified: [status]

SharePoint / OneDrive

  • App-enforced restrictions for unmanaged devices: [status]
  • Compliant device requirement for sensitive sites: [status]
  • Admin center MFA verified: [status]

Teams

  • Guest/external access policy defined: [status]
  • Guest MFA verified directly (not assumed): [status]

Related Resources

  • Conditional Access Best Practices — /knowledge-center/cloud-productivity/microsoft-365-security/conditional-access-best-practices
  • Conditional Access Baseline Generator — /tools/conditional-access-baseline-generator

This document is a starting-point resource, not legal or compliance advice. Review it against your organization's actual tenant configuration before adoption — see the full Microsoft 365 Security & Entra ID Hub for the reasoning behind each recommendation.

Build: add8299 | Built: Jul 9, 2026 9:26 PM EDT