At least one Conditional Access policy is configured with device compliance
Why This Matters
Without a conditional access policy requiring device compliance, non-compliant or unmanaged devices can access your tenant resources. This bypasses your security configurations and exposes your organization to risks from devices that lack proper antivirus, encryption, or patching. Enforcing device compliance ensures only trusted devices with verified security posture can connect.
What Aether365 Checks
This check verifies that at least one conditional access policy exists in your Microsoft 365 tenant with the "Require device to be marked as compliant" grant control. It appears in the Aether365 dashboard under microsoft-365 checks and helps confirm basic device security enforcement.