As businesses grow, so do their employee base. This leads to new users coming in, old users leaving the network, and current users changing their duties. As things change, your IT Administrators can lose track of who has access. Luckily, you can audit your users with Azure AD Access Reviews.
Azure AD Access Reviews give your Admins a detailed look into your organization. They let you see which users are in an AD group and who can access your AD applications, among other actions. Your AD Access Reviews can also now be used to review the rights of guest users in your tenant. Another powerful feature, AD Access Reviews can be scheduled on a regular basis. Regular review is key to healthy IAM security.
Reviewing a group of users is useful to see who is part of a privileged group. A group can be assigned to high power roles, like Global Administrator, rather than a user account directly.
Applications and Service Principals can also be assigned to high power roles as well. This helps create a context of when users need privileged access, but also needs to be reviewed.
By scheduling a review to happen on a regular basis, you ensure that your network gets regular checkups. IAM security is key to securing your data in the Cloud-first world.
Regularly checking the access of user accounts helps prevent attacks like those done through SolarWinds. It is vital to Audit Your Users with Azure AD Access Reviews. If you need a free tool, the free version of SenservaPro has added in review of direct and nested memberships recently.