Use Azure AD to understand Risky Sign-ins in Microsoft 365 and Azure AD
Organisations that are unfortunately not yet able to roll out multi-factor authentication can use insights to promote the activation of MFA within the organisation.
User accounts are massively misused by different types of attackers who already have your password in their possession. In the first phase, Multi-factor authentication is the most recommended feature to deploy. How to activate Multi-Factor Authentication (MFA) in Microsoft Office 365?
Azure AD activate risky sign-ins with a demo account
Open Azure Active Directory -> Open report: Here you see Risky Users, Risky Sign-ins and Risk Detection.
This report shows all risks on all current users.
If you select the user, you can see why they have increased risks.
Azure AD export
Open Azure Active Directory
Click on Sign-ins to view all login attempts.
Download the complete CSV file.
Download the CSV file and filter for example on not a specific location to get insights on risks and successful unwanted login attempts.
With up-to-date data, you are able to understand the risks that exist in your environment today and act accordingly. It is often unknown how many risks there are and how many sign-ins are happening from places we don't have users.
Is your organisation now convinced of the value of multi-factor authentication?
How to activate DKIM in Microsoft 365?
How to use the latest version of Apple Passwords in iCloud for Windows?
How to activate Multi-Factor Authentication (MFA) in Microsoft Office 365?
Managing app passwords for legacy applications - Multi-factor authentication