What if we can't access our tenant due a security issue?

Question

We assume breach, but we take as many measures as possible to prevent a security incident. But if someone accessed our tenant and locks us out, what to do?
We can't create an Azure support ticket, because we don't have access.

What are the alternatives? I would like to include these steps in my script if we do have to deal with a security incident.
Is there a phone number we can consult? How can we authenticate?

We have a partner, however the agreement with Microsoft goes directly from my business to Microsoft.

Answer 1

@GvGAdmin
Thank you for your post and I apologize for the delayed response!

When it comes to being completely locked out of your tenant and not being able to create a support request from that tenant you can:

• Call our Global Customer Service phone number(s).
• Reach out to our Azure Data Protection team - (866-807-5850).
• Create an Azure support request from another Azure AD tenant and subscription - referencing your lockout tenant's ID and summarizing the issue.

To prevent being completely locked out, I'd recommend creating and managing an emergency access account in Azure AD. This account will help prevent being locked out of your Azure Active Directory (Azure AD) tenant because you can't sign in.

Additional Links:
Azure AD Privileged Identity Management
Conditional Access
Best practices for Azure AD roles
Azure AD access reviews
Best practices for Azure RBAC

I hope this helps!

If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.

----------

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.