Merge pull request #101158 from MicrosoftGuyJFlo/SecurityDefaultsUpdate

[Azure AD] Security Defaults - Update from PG

Author: GitHubber17

articles/active-directory/conditional-access/concept-conditional-access-policy-common.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: conceptual
-ms.date: 12/10/2019
+ms.date: 01/14/2020
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -30,15 +30,17 @@ More information about emergency access accounts and why they are important can
 
 ## Typical policies deployed by organizations
 
-* [Require MFA for administrators](howto-conditional-access-policy-admin-mfa.md)
-* [Require MFA for Azure management](howto-conditional-access-policy-azure-management.md)
-* [Require MFA for all users](howto-conditional-access-policy-all-users-mfa.md)
-* [Block legacy authentication](howto-conditional-access-policy-block-legacy.md)
+* [Require MFA for administrators](howto-conditional-access-policy-admin-mfa.md)\*
+* [Require MFA for Azure management](howto-conditional-access-policy-azure-management.md)\*
+* [Require MFA for all users](howto-conditional-access-policy-all-users-mfa.md)\*
+* [Block legacy authentication](howto-conditional-access-policy-block-legacy.md)\*
 * [Risk-based Conditional Access (Requires Azure AD Premium P2)](howto-conditional-access-policy-risk.md)
 * [Require trusted location for MFA registration](howto-conditional-access-policy-registration.md)
 * [Block access by location](howto-conditional-access-policy-location.md)
 * [Require compliant device](howto-conditional-access-policy-compliant-device.md)
 
+\* These four policies when configured together, would mimic functionality enabled by [security defaults](../fundamentals/concept-fundamentals-security-defaults.md).
+
 ## Next steps
 
 - [Simulate sign in behavior using the Conditional Access What If tool.](troubleshoot-conditional-access-what-if.md)

articles/active-directory/fundamentals/concept-fundamentals-security-defaults.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: conditional-access
 ms.topic: conceptual
-ms.date: 12/06/2019
+ms.date: 01/14/2020
 
 ms.author: joflore
 author: MicrosoftGuyJFlo
@@ -25,7 +25,10 @@ Microsoft is making security defaults available to everyone. The goal is to ensu
 
 ![Screenshot of the Azure portal with the toggle to enable security defaults](./media/concept-fundamentals-security-defaults/security-defaults-azure-ad-portal.png)
 
-The following security configurations will be turned on in your tenant. 
+> [!TIP]
+> If your tenant was created on or after October 22nd, 2019, it’s possible you are experiencing the new secure-by-default behavior and already have security defaults enabled in your tenant. In an effort to protect all of our users, security defaults is being rolled out to all new tenants created.
+
+More details on why security defaults are being made available can be found in Alex Weinert's blog post, [Introducing security defaults](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/introducing-security-defaults/ba-p/1061414).
 
 ## Unified Multi-Factor Authentication registration