• Products & Services
  • Community & Resources
  • Why ConnectWise
  • Support
Talk to Sales
Explore Business Management
PSA
Professional services automation designed to run your as-a-service business
CPQ
Advanced quote and proposal automation to streamline your quoting
BrightGauge
KPI dashboards and reporting for real-time business insights
ITBoost
Centralized, intuitive IT documentation
Service Leadership
Increase shareholder value and profitability
SmileBack
Customer service feedback for MSPs
WisePay
Payments automation to increase cash flow and streamline processes
Business Management Packages
Curated packages designed to streamline, standardize, and automate your business processes
PSA
Professional services automation designed to run your as-a-service business
CPQ
Advanced quote and proposal automation to streamline your quoting
BrightGauge
KPI dashboards and reporting for real-time business insights
ITBoost
Centralized, intuitive IT documentation
Service Leadership
Increase shareholder value and profitability
SmileBack
Customer service feedback for MSPs
WisePay
WisePay
Payment automation to increase cashflow and streamline processes
Business Management Packages
Optimize your business operations through curated packages designed to streamline, standardize, and automate your business processes
Explore Business Management

See new and upcoming product enhancements in our monthly innovation webinar series!
Register now >>

Explore Cybersecurity
MDR
Monitor and stop malicious activity on endpoints
MDR for Microsoft 365
Monitor, protect, and remediate Microsoft 365 exposures
SIEM
Centralize threat visibility and analysis
SaaS Security
Deliver, manage, and monetize cloud security more easily
Vulnerability Management
Identify cybersecurity risks and routinely scan for vulnerabilities
Access Management
Eliminate shared admin passwords and protect customers
Secure Access Service Edge (SASE)
Apply zero trust secure access for users, locations, and devices
Security360
AI-Driven MSP cybersecurity solutions
MDR
Monitor and stop malicious activity on endpoints
MDR for Microsoft 365
Monitor, protect, and remediate Microsoft 365 exposures
SIEM
Centralize threat visibility and analysis
Co-Managed SIEM
Deploy 24/7 managed detection and response with SOC services
Vulnerability Management
Identify cybersecurity risks and routinely scan for vulnerabilities
Access Management
Eliminate shared admin passwords and protect customers
Secure Access Service Edge (SASE)
Apply zero trust secure access for users, locations, and devices
Security360
AI-Driven MSP cybersecurity solutions
Explore Data Protection
SaaS Backup
Safeguard customer cloud app data
Co-Managed Backup
Streamline third-party backup management
Backup360
Comprehensive MSP backup management
x360Recover
Hyper-flexible disaster recovery and business continuity
Cloud Backup
Intelligent data protection for Microsoft 365
x360Cloud
SaaS application data protection
SaaS Backup
Safeguard customer cloud app data
Co-Managed Backup
Streamline third-party backup management
Backup360
Comprehensive MSP backup management
Explore Cybersecurity and Data Protection

See new and upcoming product enhancements in our monthly innovation webinar series!
Register now >>

  • IT Nation

    Industry events and networking

  • ConnectWise

    Peer groups and product training

  • Open Ecosystem

    Top-rated vendors and integrations

  • Resources

    Business-driving insights and guidance

IT Nation
IT Nation Connect
Premier MSP industry conference
IT Nation Secure
MSP cybersecurity industry conference
IT Nation Evolve
Peer groups
IT Nation Grow
Expert guidance for business transition
IT Nation PitchIT
Accelerator program for incubating growth
Wise Up Podcast
Insights and strategies to help your business
IT Nation Europe
Regional MSP industry conference
IT Nation Sydney
APAC MSP Industry Conference
Automation Nation
AI & hyperautomation training
IT Nation Connect
Premier MSP industry conference
IT Nation Secure
MSP cybersecurity industry conference
IT Nation Evolve
Peer groups
IT Nation Grow
Expert guidance for business transition
IT Nation PitchIT
Accelerator program for incubating growth
Wise Up Podcast
Insights and strategies to help your business
IT Nation Europe
Regional MSP industry conference
IT Nation Sydney
APAC MSP Industry Conference
Automation Nation
AI & hyperautomation training
Explore The IT Nation

Join the premier thought-leadership conference for MSPs.
Register Now>>

  • About Us

    Company profile, values, and leaders

  • News

    The latest ConnectWise updates

  • Markets

    Roles and industries we support

The only truly unified platform purpose-built for MSPs.
Learn more >>

  • Partner Support

    ConnectWise solution resources

  • Partner Education

    Certifications and resources

Apply Microsoft 365 Security Baselines

Posted:
03/04/2025
| By:
Michael Leison

Partners have been raving about the effectiveness of the 'Get Microsoft 365 Security Baselines v2' report in swiftly evaluating a customer's infrastructure against various compliance frameworks. Whether it's CIS, ISO 27001, NCSC Cyber Assessment Framework, or the Microsoft Secure Score Benchmark, this report simplifies the process.

Gone are the days of spending hours or even days manually checking settings against these frameworks. With the 'Get Microsoft 365 Security Baselines v2' report, partners can now generate assessments within minutes. But what comes next once you've identified areas for improvement?

Enter the 'Apply Microsoft 365 Security Baselines v2' command, developed by the ConnectWise SaaS Security team. This feature allows you to effortlessly apply a baseline/framework (along with all its settings) to one or multiple customers with just a few clicks.

Streamlining your security management has never been easier.

Product enhancements overview

Here's a quick overview of the updates:

  • Added 34 new recommendations/controls
  • Updated names for 15 recommendations/controls
  • Removed 16 recommendations/controls that were replaced by others
  • Removed all Intune-related recommendations
    Note: These can be applied separately using individual solutions located in the Security Management -> Security Baselines -> Endpoint Management folder)
  • Added more compliance-related configuration options to the Run Form
  • Added the ability to generate a Configuration Status Report that shows all the changes made by the solution for each customer in detail
  • Added settings specific to Conditional Access and Defender 365 Threat policy recommendations for Desired State Configuration (DSC)
  • Added the ability to exclude different types of identities from Conditional Access and Defender 365 Threat policies and change the default policy names
  • Improved the Preview Mode Report layout and readability using enhanced HTML formatting
  • Improved the solution performance and stability

Simplified compliance-related configuration options

When running the command, you will now have three different run options (See Figure 1 below). The basic configuration option is ideal for a quick start with a simplified set of parameters. For those seeking more control and granularity, the two advanced configuration options cater to individual or multiple customers. These options provide flexibility when encountering existing Conditional Access and Defender 365 Threat policies, allowing for tailored adjustments as needed.

Apply M365 Security Baselines Figure 1.jpg

Figure 1: Product screenshot of configuration options within 'Apply Microsoft 365 Security Baselines v2' command 

Enhanced filtering capabilities

Refine your approach by filtering recommendations based on specific products, such as Exchange, to concentrate your efforts effectively. Prioritize changes by considering End-User Impact, focusing on settings with None or Low user impact before tackling more significant adjustments.

The ‘Jewel in the Crown’ however is the ‘Primary Compliance Standard’ option that simplifies the process of selecting and applying compliance standards. Choose to either apply all recommendations or handpick from the filtered list in the 'Recommendations by Product' section. Say goodbye to manual alignment with compliance frameworks – let ConnectWise SaaS Security handle the heavy lifting for you.

Detailed preview mode

The 'Preview Mode Only' report has been enhanced for more detailed insights. By opting for 'Preview Mode Only', ConnectWise SaaS Security provides a comprehensive overview of potential changes without altering any settings. Gain valuable insights into the number of recommendations set to be applied, the extent of the impending changes, and details on the impact of these adjustments. Delve into specifics about the recommended settings, akin to the detailed information offered in the Get Microsoft 365 Security Baselines V2 Detail Report.

Apply M365 Security Baselines Figure 2.png

Figure 2: Product screenshot of Preview Mode Only report

Configuration status reporting

When you apply the settings with ‘Generate Additional Reports > Configuration Status Report’ selected, ConnectWise SaaS Security executes the updates and presents a detailed list of recommendations along with the changes made (see Figure 3 below). This feature proves invaluable for showcasing your efforts to clients or for auditing purposes, allowing you to track modifications and potentially reverse them if needed.

Apply M365 Security Baselines Figure 3.png

Figure 3: Product screenshot of Configuration Status Report

Seamless integration for efficient alignment

The Apply Microsoft 365 Security Baselines V2 script seamlessly integrates with the Get Microsoft 365 Security Baselines V2 report, enabling you to swiftly evaluate a customer's alignment with their desired framework. This streamlined process condenses days of work into mere minutes, facilitating quick and effective adjustments to align clients with their chosen security standards.