Privileged user accounts should not remain enabled when the linked primary account is disabled.

Why This Matters

When a primary user account is disabled, any linked privileged account that remains active creates a significant security gap. This misconfiguration allows unauthorized access through an account that should no longer be usable, potentially enabling lateral movement or privilege escalation within your Microsoft 365 tenant.

What Aether365 Checks

Aether365 verifies that no privileged user accounts remain enabled when their associated primary account is disabled. This check appears in your Aether365 dashboard under the entra-id category.