(Context: I work at an MSP, so this is not just a question for my own instance, I manage many of both of these.)
Today on the IT Hour, there was a good chat about security practices (thanks Nicole!) and I was wondering if anyone had a good resource for hardening Microsoft/Google tenants against the most obvious of attack attempts. I have looked for articles/checklists and found specific OR current, but not both. Do you have any to share?
Microsoft's built-in Compliance Manager in the Compliance Admin Center is pretty good. There is a Data Protection Baseline that is included with your MS subscription that pulls from different settings in the admin portals and includes documentation and links to setup better security practices. Compliance Manager - Microsoft Purview
You can also see compliance according to other baselines/standards if you are interested - links to how to configure your MS environment are free, and if you want you can buy other templates and see where you are with regards to those standards.
Not sure if they have any tools at the partner portal level to see this across clients or streamline implementation of these sorts of settings across clients.
Here are some resources from those providers that cover key controls to implement.