Recently, security improvements were announced by Microsoft to Azure Active Directory (AAD). These included the option for IT administrators to review and remove inactive user accounts that have not logged in to the cloud-based identity and access management service of Microsoft for a certain period of time.
Now, IT administrators can easily identify and remove accounts as a part of AAD’s Identify Governance service. This prevents unauthorized users such as former contractors and employees from accessing vital and sensitive information. One of the biggest advantages of this security feature is that it prevents former employees and contractors from accessing or sharing sensitive information.
To get started, you need to access your Azure Active Directory portal (using Azure AD Premium P2 license) and then proceed to the Identify Governance blade before heading to the New Access Review tab. You can now review all Microsoft 365 groups with specific teams and groups or guest users. Thereafter, you will have to tick the Inactive Users (On Tenant Level Only) box and mention how long inactive accounts can be permitted to access your information. Azure Active Directory will then remove inactive accounts (as per the time duration mentioned by you).
Need help with identifying and removing inactive accounts on Azure Active Directory? Please feel free to call or email us at C.I.G Consultants now.
Comments