At least one Conditional Access policy is configured with All cloud apps
Why This Matters
Without a Conditional Access policy applied to all cloud applications, any app without explicit coverage may lack critical security controls such as multi-factor authentication or device compliance checks. This gap can allow attackers to bypass protections by targeting an unprotected application. Ensuring every app is covered reduces the risk of unauthorized access across your tenant.
What Aether365 Checks
Aether365 verifies that at least one Conditional Access policy is configured with the "All cloud apps" assignment in your Microsoft 365 tenant. This check appears in the Aether365 dashboard under the microsoft-365 checks category.