Workflow for high risk users on Azure AD

David Marques 41 Reputation points
2021-08-27T08:25:13.59+00:00

Hi,

I work in a small security team, and we don't have 24/7 till now, so I would like to find a way to lock users which are High Risk users.

By now we get an email alert of those.

What I would like to know is if I can create any kind of workflow that whenever a user has a High Risk, sends the email and locks the user on Active Directory, until a team member will be able to check it manually.

Is there any way to achieve it considering we don't have yet Sentinel (neither we can right now).

Thanks

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,807 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,461 Reputation points
    2021-08-27T15:43:07.05+00:00

    Hello @David Marques

    You may achieve this by Singing Risk or conditional access policies.

    Please have a look on below article mentioning the same.

    https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-risk-policies

    https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-risk-based-sspr-mfa

    If the reply was helpful, please don’t forget to upvote or accept as answer.

    0 comments No comments