![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 88%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIJ%3C/text%3E%3C/svg%3E)
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
7,511 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 33%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXX%3C/text%3E%3C/svg%3E)
Hi @Israt Jahan Tulin ,
For your questions:
1.Security Score Recommendation: Ensure modern authentication for SharePoint applications is required
a.What office app version won’t work after enabling the modern authentication for SharePoint? Current infrastructure is Windows 10/11 and Office App is 2016 and up.
Legacy client apps, such as Office 2010 and Office for Mac 2011, do not support modern authentication and can only be used with basic authentication.Office 2016 and up, which you are currently using, will work with modern authentication enabled.
b.Which type of modern authentication methods are being refereed here to authenticate for SharePoint?
This option is recommended for organizations that use modern authentication as the identity management approach, having multi-factor authentication (MFA) enabled for their user accounts.
2.Security Score Recommendation: Block OneDrive for Business sync from unmanaged devices.
a. For the Block OneDrive business sync from unmanaged devices, is the implementation of Intune required?
Yes, implementing Intune is recommended for managing and enforcing policies on devices, including blocking OneDrive sync from unmanaged devices. Intune helps ensure that only compliant and managed devices can sync with OneDrive.
b. When implementing, it requires GUID. Which GUID is it referring to? Where can I find this GUID for Cloud? We have hybrid infrastructure.
The GUID referred to here is the Azure Active Directory (AAD) device ID. This ID is used to identify and manage devices in your organization. You can find this GUID in the Azure portal under the device's properties.
c. Does the policy implemented on SharePoint will impact on OneDrive as well?
Yes, policies implemented on SharePoint, such as blocking sync from unmanaged devices, will also impact OneDrive for Business.
3.Security Score Recommendation: Restrict anonymous users from joining meetings
a. Which type of users are referred as anonymous users?
Anonymous users are those who do not have an Azure Active Directory (AAD) login or any other authenticated identity. They join meetings without signing in, typically by clicking on a meeting link.
b. By default, the option is on. What happens if I turn this option off?
If you turn off the option to allow anonymous users to join meetings, only authenticated users will be able to join. This means that participants will need to sign in with their AAD or other authenticated credentials before joining the meeting. This enhances security by ensuring that only verified users can participate5.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.