Meraki Community

rhbirkelund · ‎Jul 5 2021

For every Meraki customer that I have, the Security Settings under Organizations has its own variations.

But I am curious as to what ya'll do?

How do you configure each customers organisational settings and why?

Or in that case, your own company's settings?

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

CptnCrnch · ‎Jul 5 2021

Even Microsoft itself has gotten to the point that expired passwords decrease security, therefore I'd leave that off.

Used passwords is a two fledged sword, possibly I'd enforce those.

Strong passwords are always a good idea.

Account lockout should be set to prevent users from being brute forced

Idle timeouts are a good things until they're set too low. I'd go with 2-4 hours

Two-factor authentication is a must nowadays

If you have the chance to provide fixed login IP ranges, these are also a good idea.

PhilipDAth · ‎Jul 5 2021

The only option I like to have enabled is forced MFA.

KarstenI · ‎Jul 6 2021

Making sure the customer has MFA enabled is IMO the most important step in onboarding a new customer. I don't want to get the call "my org is gone" because of a compromised account ...

Meraki Community

Organization Settings - in the real world

Organization Settings - in the real world