Summary
Baseline Security Mode centralizes Microsoft’s recommended security standards for Office, SharePoint, Exchange, Teams, and Entra. Rolling out from November 2025 to March 2026, it provides admins with a dashboard to assess and improve security posture using impact reports and risk-based recommendations, with no immediate user impact.
More information
Introduction
Baseline Security Mode is a centralized experience that helps you meet Microsoft’s recommended security standards across Office, SharePoint, Exchange, Teams, and Entra. It leverages Microsoft’s threat intelligence and insights from two decades of Microsoft Response Center cases to strengthen your organization’s security posture and prepare for evolving AI-driven threats.
When this will happen:
Public Preview: Rollout begins mid-November 2025 and completes by late January 2026.
General Availability (Worldwide): Rollout begins mid-November 2025 and completes by late January 2026.
General Availability (GCC): Rollout begins early January 2026 and completes by late January 2026.
General Availability (DoD): Rollout begins early February 2026 and completes by late February 2026.
General Availability (GCCH): Rollout begins early March 2026 and completes by late March 2026.
How this affects your organization:
Who is affected: Global admins and security admins managing Microsoft 365 tenants across Office, SharePoint, Exchange, Teams, and Entra.
What will happen:
A new Baseline Security Mode dashboard will be available in the Microsoft 365 admin center.
Admins can view the tenant’s current security posture compared to Microsoft’s recommended minimum security bar.
Admins can run impact analysis reports to assess changes before applying them.
Recommendations will be grouped by risk level, with statuses such as “At risk” or “Meets standards.”
No immediate user impact unless admins apply changes.
What you can do to prepare:
Navigate to Microsoft 365 admin center > Settings > Org Settings > Security & privacy > Baseline Security Mode.
Review recommendations marked as “At risk.”
Initiate an impact report to understand potential changes.
Apply recommendations to bring your tenant to “Meets standards.”
Communicate upcoming changes to your helpdesk or security teams.
Learn more: Baseline security mode settings | Microsoft Learn
Compliance considerations:
No compliance considerations identified; review as appropriate for your organization.and risk-based recommendations, with no immediate user impact.
