What if we can't access our tenant due a security issue?

GvGAdmin 21 Reputation points
2022-08-26T12:28:32.283+00:00

We assume breach, but we take as many measures as possible to prevent a security incident. But if someone accessed our tenant and locks us out, what to do?
We can't create an Azure support ticket, because we don't have access.

What are the alternatives? I would like to include these steps in my script if we do have to deal with a security incident.
Is there a phone number we can consult? How can we authenticate?

We have a partner, however the agreement with Microsoft goes directly from my business to Microsoft.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,289 questions
{count} votes

Accepted answer
  1. JamesTran-MSFT 36,351 Reputation points Microsoft Employee
    2022-09-14T17:39:46.093+00:00

    @GvGAdmin
    Thank you for your post and I apologize for the delayed response!

    When it comes to being completely locked out of your tenant and not being able to create a support request from that tenant you can:

    To prevent being completely locked out, I'd recommend creating and managing an emergency access account in Azure AD. This account will help prevent being locked out of your Azure Active Directory (Azure AD) tenant because you can't sign in.

    Additional Links:
    Azure AD Privileged Identity Management
    Conditional Access
    Best practices for Azure AD roles
    Azure AD access reviews
    Best practices for Azure RBAC

    I hope this helps!

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.


0 additional answers

Sort by: Most helpful