Description
- Type: CUSTOMER
- Severity: WARNING
- Protection against: HACKING > Use of Stolen Creds
- FIX Available: YES
This Customer Check verifies whether guest users are blocked from inviting other guests themselves.
Why this check?
In a Microsoft environment, guest users from outside the organization can be invited to, for example, hold meetings, share data, or collaborate. It is probably undesirable for those guest users to also be able to invite other guest users themselves. This capability should ideally be reserved for regular users and guest users with a special invitation role.
What are the possible outcomes of the check?
This check has two possible outcomes. In Attic, this is reflected as follows:
- Okay: guest users are not allowed to invite new guest users
- Warning: guest users are allowed to invite new guest users themselves
How should this be followed up?
If the check results in an output of Warning, we advise reserving guest invitations for regular users and guest users with a special invitation role.
A Fix is available for this check, which we will offer through Attic.
Comments
0 comments
Please sign in to leave a comment.