Microsoft 365 Apps Security Baseline | Harden System Security¶
The security baseline for Microsoft 365 Apps for enterprise is published twice a year, usually in June and December. Use the Harden System Security App to effortlessly apply them onto your system.
In this page, the Harden System Security app enables you to apply the Microsoft 365 Apps Security Baselines on your system, verify compliance, and remove the applied policies.
You can measure the compliance level of your system using the built-in compliance assessment functionality by simply pressing the Verify button on this page. You will receive a detailed report of every security measure inside the Microsoft 365 Apps Security Baseline and you will be able to export this security report to a properly formatted JSON file as well.
Each security measure has the following details:
Friendly Name: Helps you easily identify the security measure and its purpose.Source: Shows you which part of the Microsoft 365 Apps Security Baseline this security measure belongs to.Status: Whether the current system applies the security measure or not.Current Value: The current value of the security measure on the system.Expected Value: The correct and secure value the security measure should be in order to be compliant.
You can change the download URL of the Microsoft 365 Apps Security Baselines in this page too if you need. This can come handy if you want to apply an older baseline on your system or to just change the URL to point to another address such as an alternative mirror.
Note
When applying the Microsoft 365 Apps Security Baseline, Harden System Security app will automatically download the latest version directly from Microsoft's servers or from the URL you provided, process it entirely in memory, and apply it without writing any temporary files to disk. The same is true for verification or removal processes.
While this approach increases development complexity, it significantly improves security by preventing malicious interference with temporary files before application.
The app caches the baseline in memory to avoid unnecessary re-downloads. The cache expires every 2 hours, after which it is refreshed with the latest data from the Microsoft Server/Custom URL you provided, and this only happens if the app is open. The cache is compressed to minimize memory usage.
