Microsoft 365 Tenant Hardening Checklist

• Enforce MFA for admins; block legacy auth
• Tighten SharePoint external sharing defaults
• Alert on risky sign-ins
• Enable audit logging and retention
• Baseline DLP policies for obvious leaks