Microsoft has released the public preview of access reviews for inactive users as part of Azure Active Directory (AD) Governance for organizations can take action to remove inactive accounts that could be leading to security risks.
The feature is designed to help organizations deactivate accounts from former employees or contractors whose assignments have ended by identifying them and removing them if they have no purpose going forward.
According to Microsoft, the feature allows administrators to review and remove Azure AD accounts that have not been signed in for a specified number of days, with sign-in activity including both interactive and non-interactive. Stale accounts are then automatically removed.
Administrators can specify and inactive duration for up to two years for guests or all users.
The feature comes as remote and hybrid work has forced organizations to expand collaboration both within and between organizations, increasing the likelihood that stale accounts exist in IT environments.
In Azure AD under Identity Governance, admins can select which accounts to review, including guest users only or everyone. Then, admins can review inactive users only, and select the days inactive to better filter inactive accounts.
For more information, read Microsoft’s documentation on Azure AD access review.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply