Shaun Wilkinson 4/1/2026

New Entra Admin Roles Are NOT Automatically Protected by Conditional Access

This article highlights a critical security oversight in Microsoft Entra ID: newly introduced admin roles are not automatically included in existing Conditional Access policies. It explains why relying on automatic protection is risky, as privileged roles may lack MFA enforcement, legacy auth blocking, or device compliance checks. The post recommends monthly role reviews, policy updates, and automation to close this gap. Includes a PowerShell script to list directory role templates. Essential for IT admins managing identity security.
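
One way to automate the monthly review described above, as an added example (it is not the script from the original article): it compares the tenant's directory role templates with the role IDs targeted by enabled Conditional Access policies and lists the roles no policy names. It assumes the Microsoft Graph PowerShell SDK is installed and that the signed-in account can consent to the two read-only scopes shown.

```powershell
# Added example: read-only audit using the Microsoft Graph PowerShell SDK.
Connect-MgGraph -Scopes 'RoleManagement.Read.Directory', 'Policy.Read.All'

$templates = Get-MgDirectoryRoleTemplate
$policies  = Get-MgIdentityConditionalAccessPolicy -All

# Only policies in the 'enabled' state are enforced; report-only and
# disabled policies do not protect anything.
$enforced = @($policies | Where-Object { $_.State -eq 'enabled' })

$report = foreach ($template in $templates) {
    # Enforced policies that name this role template ID and do not also exclude it.
    $covering = @($enforced | Where-Object {
        $_.Conditions.Users.IncludeRoles -contains $template.Id -and
        $_.Conditions.Users.ExcludeRoles -notcontains $template.Id
    })
    [pscustomobject]@{
        RoleName       = $template.DisplayName
        RoleTemplateId = $template.Id
        PolicyCount    = $covering.Count
        Policies       = ($covering.DisplayName -join '; ')
    }
}

# Roles that no enforced policy targets by role: the review list.
$report |
    Where-Object PolicyCount -eq 0 |
    Sort-Object RoleName |
    Format-Table RoleName, RoleTemplateId -AutoSize

# Limit of this check (assumption): only explicit role targeting is evaluated.
# Policies scoped to all users or to groups may still apply to holders of a
# listed role, so show the all-users policies for manual comparison.
$enforced |
    Where-Object { $_.Conditions.Users.IncludeUsers -contains 'All' } |
    Format-Table DisplayName, Id -AutoSize
```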
