Description
- Type: CUSTOMER
- Severity: WARNING
- Protection against: HACKING > Use of Stolen Creds
- FIX Available: YES
This Customer Check verifies whether guest users are sufficiently restricted in their capabilities.
Why this check?
In a Microsoft environment, guest users from outside the organization can be invited to, for example, hold meetings, share data, or collaborate. Because these types of users are typically less connected to the organization, it is important to keep their authorizations as limited as possible. By adjusting the Guest User Access, guest users only gain access to their own data. This way, they only receive access to data they have been explicitly granted access to.
More information on this topic can be found via the link below:
What are the possible outcomes of the check?
This check has two possible outcomes. In Attic, this is reflected as follows:
- Okay: guest users are sufficiently restricted
- Warning: guest users are insufficiently restricted
How should this be followed up?
If the check results in an output of Warning, we advise further restricting the authorizations of guest users.
A Fix is available for this check, which we will offer via Attic.
Comments
0 comments
Please sign in to leave a comment.