Block Outdated Operating Systems with Microsoft Defender for Cloud Apps (Cloud App Security)
In this write up I will be configuring Microsoft Defender for Cloud Apps (old name is Cloud App Security) and Conditional Access to block outdated operating systems from accessing Microsoft 365 services within my tenant.
Licensing
First thing you want to figure out, is licensing. You must have a license that enables “Microsoft Defender for Cloud Apps Discovery” and not “Microsoft Defender for Cloud Apps.” At the time of writing EM+S E5 sku will not work but Microsoft 365 E5 Security sku will. You will also need Azure Active Directory Premium P2 license.
Setting up Conditional Access
Once we have the proper licensing we need to route applications to Microsoft Defender for Cloud Apps. In the Azure Portal, go to Conditional Access and create a new Policy.
Assignments
In my assignments, I selected all users and excluded my break-glass account.
Cloud Apps or Actions
Next, I selected the Office … Continue...