Managed devices SHOULD be required for authentication.

Why This Matters

Requiring managed devices for authentication reduces the risk of unauthorized access and credential theft. When unmanaged devices can authenticate, attackers have an easier path to compromise accounts and move laterally in your environment. Enforcing device management ensures that only compliant, company-controlled devices can sign in to critical resources.

What Aether365 Checks

Aether365 verifies that your Microsoft Entra ID conditional access policy requires managed devices for authentication. This check appears in the Aether365 dashboard under the entra-id check category.