Privileged Azure Entra user is a guest account

azure.compute
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

Guest accounts are users external to your organization that have been invited into your Azure tenant. They open an additional attack vector within your tenant. Guest accounts should be reviewed to ensure their level of access is the minimum required for their role and that they are removed when no longer required.

Remediation

  1. Review the access level of all guest accounts in your tenant.
  2. Remove any guest accounts that do not require access to your tenant.
  3. Ensure that the access level of guest accounts is the minimum required for their role.