Ensure user consent to apps accessing company data on their behalf is not allowed

Why This Matters

Allowing users to consent to apps accessing company data on their behalf introduces significant security risks. Malicious or poorly written applications could gain unauthorized access to sensitive information, emails, files, and user profiles without proper IT oversight. This bypasses your organization's governance and can lead to data breaches or compliance violations.

What Aether365 Checks

Aether365 verifies that the Microsoft 365 tenant setting which permits user consent to apps is disabled. This check appears in your Aether365 dashboard under the microsoft-365 category.