Ensure 'Access reviews' for high privileged Entra ID roles are configured
Why This Matters
Without regular access reviews for high privileged Entra ID roles, your organization risks undetected role drift or malicious activity. Attackers or insiders with stale Global Administrator or other critical roles can cause significant damage. Implementing recurring reviews enables fail-closed mechanisms to automatically remove access if reviewers do not respond, enforcing separation of duties.
What Aether365 Checks
Aether365 verifies that access reviews are configured for high privileged Entra ID roles and scheduled to recur no less frequently than weekly. This check appears in the Aether365 dashboard under Entra ID checks and includes the following roles: Global Administrator, Exchange Administrator, SharePoint Administrator, Teams Administrator, and Security Administrator.