As we have started using conditional access and MFA, we are also looking to block legacy authentication this is a recommendation by Microsoft.
Legacy authentication can bypass your CA polices, I had thought disabling MAPI and others per user would be enough, but unless you disable/block the legacy authentications your really not protecting your tenant.
Here are the links I found about setting up conditional access to block legacy authentication. I had one time found a report that would tell you who/what was still using the old authentication methods. I’m still trying to find that again. If you know please leave it in the comment below.
Quick link from Twitter, don’t want to lose the link https://twitter.com/anoopmannur/status/1497256566206181376?s=21 https://www.anoopcnair.com/set-automatic-lock-screen-for-inactive-device-intune/