I’m excited to share with you the public preview of access reviews for inactive users, part of Azure Active Directory Identity Governance. We have seen an explosion in collaboration growth over the past two years, both within and between organizations. While this growth has been great for productivity, it’s also expanded the likelihood that “stale” accounts—accounts that were needed at one time, but not any longer—might be lurking in your environment. Examples include former employees who have left the organization, or contractors whose assignments have ended. It’s an easy but powerful way to reduce security risks by uncovering these stale accounts, and removing them if they truly have no purpose going forward.
The public preview of access reviews for inactive users enables administrators to review and remove stale accounts that have not signed in for a certain number of days. Both interactive and non-interactive sign-in activities are covered under sign-in activity. As part of the review process, stale accounts can automatically be removed. This, in turn, improves your organization’s security posture.
Want to help reduce the risk of inactive users? Try the access reviews now. You can specify an inactive duration for up to two years for guest users, or all users.
For detailed instructions on how to set up inactive user reviews, see our Azure AD access review documentation. To try these reviews out via our MS Graph APIs (beta), review our MS Graph API documentation.
Alex Simons (Twitter: @Alex_A_Simons)
Corporate Vice President of Program Management
Microsoft Identity Division
Learn more about Microsoft identity: