Frequently Asked Questions

Find answers to common questions about TrueConfig, Microsoft 365 security configuration, and identity protection best practices.

General Questions

Q
What is TrueConfig?
A

TrueConfig is a Desired State Configuration (DSC) platform for Microsoft 365 identity and access security. It continuously monitors your Entra ID tenant, detects configuration drift from security baselines, and provides automated or guided remediation.

Q
How does TrueConfig work with Microsoft 365?
A

TrueConfig connects to your Microsoft 365 tenant using read-only Graph API permissions. It scans your Entra ID configuration, evaluates it against industry-standard security baselines (CIS, NIST, etc.), and reports any deviations along with remediation guidance.

Q
Is TrueConfig safe to use on my production tenant?
A

Yes. TrueConfig uses read-only permissions by default. Auto-remediation is opt-in, requires explicit approval, and includes safety gates to prevent destructive changes. All actions are logged in a full audit trail.

Q
What security controls does TrueConfig monitor?
A

TrueConfig monitors 55 security controls across 9 categories including privileged access, identity protection, conditional access, MFA, application security, and more.

Q
Does TrueConfig support multiple tenants?
A

Yes. TrueConfig supports multi-tenant deployments, allowing you to monitor and manage security across multiple Microsoft 365 tenants from a single dashboard. This is ideal for MSPs and enterprises with multiple environments.

FAQs by Security Category

Browse frequently asked questions organized by security control category.

Identity & Authentication

5

User authentication and identity protection controls

View FAQs

Privileged Access

8

Administrative role and privilege management

View FAQs

Conditional Access

12

Access policies and conditional requirements

View FAQs

Workload Identity & Applications

9

Application registrations and service principals

View FAQs

Guest & External Access

7

Guest users and external collaboration

View FAQs

Governance & Hygiene

6

Account lifecycle and hygiene practices

View FAQs

Logging & Visibility

5

Audit logs and monitoring capabilities

View FAQs

Data Protection

2

Data loss prevention and information protection

View FAQs

License Management

1

License utilization and cost optimization

View FAQs

FAQs by Security Control

Get detailed answers about specific security controls and their implementation.

ID-01User MFA RegistrationID-02Block Legacy AuthenticationID-03Enable Self-Service Password ResetPA-01Limit Global Administrators to 2-4PA-02Use Dedicated Admin AccountsPA-03Configure Emergency Access AccountsCA-01Require MFA via Conditional Access PolicyCA-02Require MFA for All AdministratorsCA-08Block Access from High-Risk CountriesAPP-01Application Ownership for Apps with CredentialsAPP-02Enforce Application Credential ExpirationEXT-01Restrict Guest Invitation Permissions
View all 55 controls

Related Resources

Security Controls Reference

Complete documentation of all 55 security controls

Security Glossary

Definitions of Microsoft 365 and security terminology

Still Have Questions?

Start a free trial and get personalized guidance for your Microsoft 365 security configuration from our security experts.

Start Free Trial