Exciting news for organizations focused on security! Starting September 2024, Microsoft extends support for Continuous Access Evaluation (CAE) to the Microsoft 365 admin center. This feature ensures access policies are enforced in near real-time for admin center sessions, eliminating the delay associated with token expiration. Let’s dive into the blog for more details.
What is Continuous Access Evaluation (CAE) and How Does it Work?
Traditionally, when users or admins request access to Entra ID supported applications, an access token with a lifetime of 1 hour is issued. These tokens expire after the given time, and a new one is needed to keep accessing resources. The gap between the moment access should be revoked and the moment the token actually expires can pose a security risk if someone has stolen the token.
This is where continuous access evaluation comes in! It continuously monitors user and admin sessions, including crucial events like login locations, account status, and recent changes to user profiles. CAE has two main components:
1. Critical Event Evaluation: CAE immediately responds to important changes, such as user accounts being deleted or disabled, password changes or resets, enabling multifactor authentication (MFA), revoking refresh tokens, changes in IP addresses, and flags for high-risk users.
2. Conditional Access Policy Evaluation: CAE enforces Conditional Access policies based on network locations and other conditions.
Under these circumstances, CAE can act immediately. This action may involve terminating the active session or requiring re-authentication, effectively stopping unauthorized access regardless of token expiration time.
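To make the two components concrete, here is a simplified model of the decision a CAE-aware service makes on each request, compared with a service that only checks token expiry. It is an added example, not code from this blog or from Microsoft; the event labels, the evaluate and exposure_seconds functions and the sample data are assumptions, and event delivery is treated as instantaneous.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Critical events named in the list above (labels are hypothetical).
CRITICAL_EVENTS = {"account_disabled", "account_deleted", "password_changed",
                   "mfa_enabled", "refresh_tokens_revoked", "high_user_risk"}

@dataclass
class Token:
    user: str
    issued_at: int   # seconds since epoch
    expires_at: int  # issued_at + 3600 for the 1-hour lifetime

@dataclass
class Event:
    user: str
    kind: str
    at: int

def evaluate(token, now, client_ip, events, allowed_nets, cae=True):
    """Return (decision, reason) for one request presenting `token`."""
    if now >= token.expires_at:
        return "deny", "token_expired"
    if not cae:
        return "allow", "token_valid"  # without CAE, expiry is the only check
    # 1. Critical event evaluation: any event for this user since issuance.
    for ev in events:
        if (ev.user == token.user and ev.kind in CRITICAL_EVENTS
                and token.issued_at <= ev.at <= now):
            return "reauthenticate", ev.kind
    # 2. Conditional Access policy evaluation: network location.
    if not any(ip_address(client_ip) in ip_network(n) for n in allowed_nets):
        return "reauthenticate", "ip_outside_allowed_location"
    return "allow", "token_valid"

def exposure_seconds(token, event, cae=True):
    """Seconds a stolen token stays usable after a critical event."""
    return 0 if cae else max(0, token.expires_at - event.at)

# Constructed sample data (documentation IP range, made-up timestamps).
TOKEN = Token("admin@example.com", issued_at=1_000_000, expires_at=1_003_600)
DISABLED = Event("admin@example.com", "account_disabled", at=1_000_600)
ALLOWED = ["203.0.113.0/24"]

if __name__ == "__main__":
    for cae in (False, True):
        print(cae, evaluate(TOKEN, 1_000_900, "203.0.113.7", [DISABLED], ALLOWED, cae),
              exposure_seconds(TOKEN, DISABLED, cae))
```

In the sample timeline the account is disabled 10 minutes after the token is issued: without CAE the token keeps working for the remaining 50 minutes, while with CAE the next request is sent back for re-authentication.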
Continuous Access Evaluation Rollout in Microsoft 365 Admin Center
Following the extension of CAE for workload identities, Microsoft is now bringing this feature to the Microsoft 365 admin center. The automatic rollout of CAE to Microsoft 365 admin centers will begin in mid-September 2024 and be completed by the end of the month.
Benefits of CAE in Microsoft 365 Admin Center:
Continuous Access Evaluation in Microsoft 365 admin center offers several key benefits:
Continuous Monitoring: Policies like IP location checks and real-time activity monitoring are actively enforced on user access to the Microsoft 365 admin center, detecting and addressing anomalies swiftly.
Restrict Unauthorized Access: In the event of a compromised account, administrators can immediately disable the account or reset the password. This action effectively blocks any unauthorized access to the Microsoft 365 admin center.
Swift User Access Removal: CAE can instantly terminate access to the Microsoft 365 admin center without waiting for the token to expire.
Azure AD continuous access evaluation is a big step forward for Microsoft 365 security hardening. It helps you respond quickly to threats and keeps your system safer by removing the wait for token expiration. Take advantage of this feature to boost your security.
I hope this blog made you aware of the continuous access evaluation rollout in the Microsoft 365 admin center. Feel free to reach out to us through the comments section if you have any queries.