Description
- Type: CUSTOMER
- Severity: WARNING
- Protection against: SOCIAL ENGINEERING
This Customer Check alerts when new external management parties are added to the Microsoft environment.
Why this check?
Microsoft allows service providers to access your Microsoft environment. Such accounts are called Delegate Admins. This form of access can also be abused by attackers.
Since it is rare for such a connection to be made, and it has a significant impact, we alert you with each new connection so you can double-check its legitimacy.
What possible outcomes does the check have?
This check has two possible outcomes. In Attic, this is reflected as follows:
- Okay: No changes since the previous check.
- Warning: A new Delegate Admin connection has been made since the previous check.
How should this be followed up?
If the output is Warning, we advise double-checking the changes. If you suspect the change is unauthorized, please contact us for further steps.
Comments
0 comments
Please sign in to leave a comment.