Enable Identity Protection sign-in risk policies
Why This Matters
Unchecked sign-in risks expose your organization to account compromise from malicious authentication attempts. When you enable Identity Protection sign-in risk policies, suspicious sign-ins are challenged for multi-factor authentication, preventing unauthorized access even if credentials are stolen. For users who have not registered for MFA, the policy blocks access entirely, so you must configure the MFA registration policy first.
What Aether365 Checks
Aether365 verifies that a Conditional Access policy is enabled to respond to sign-in risk, aligning with the CIS Microsoft 365 Foundations Benchmark requirement. This check appears in the Aether365 dashboard under the Entra ID checks section.