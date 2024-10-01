The Admin Center integration detects a variety of data loss prevention, account misconfiguration, and user security risks in an integrated Microsoft 365 account that could leave you and your organization vulnerable.

Integration prerequisites

A Microsoft 365 account with an active Microsoft Business Basic, Microsoft Business Standard, Microsoft 365 E3, Microsoft 365 E5, or Microsoft 365 F3 subscription

Global admin role ↗ or equivalent permissions in Microsoft 365

Integration permissions

Refer to Microsoft 365 integration permissions for information on which API permissions to enable.

Security findings

The Admin Center integration currently scans for the following findings, or security risks. Findings are grouped by category and then ordered by severity level.

To stay up-to-date with new CASB findings as they are added, bookmark this page or subscribe to its RSS feed.

User account settings

Keep user accounts safe by ensuring the following settings are maintained. Review password configurations and password strengths to ensure alignment to your organization's security policies and best practices.

Finding type FindingTypeID Severity Microsoft: FIDO2 authentication method unattested 5a9fd288-c04f-4f7a-8976-bfd5464c6cf1 Low Microsoft: Provisioning error for on-prem user 3123d99e-a83c-4d9d-9a10-80da5af6dee5 Low Microsoft: Password expiration disabled for user ce8cc363-7cbb-445e-8385-79ae7348e430 Low Microsoft: Password not changed for 90+ days 93be1fd1-b6c6-4b98-a04c-121d5ea66745 Low Microsoft: Strong password disabled for user aecfdcb2-ec1f-4571-be3c-4ae46c93125e Low Microsoft: Cloud sync disabled for on-prem user 8370628b-73f1-41a5-bbff-4d5adee7bf33 Low Microsoft: Weak Windows Hello for Business key strength 6fae390f-07a3-4577-9821-034a7b29e18e Low Microsoft: On-prem user not synced in 7+ days 1eefc5a1-e665-431a-b939-cfbb76a309f5 Low Microsoft: User is not a legal adult 329030a3-db43-4959-9d92-2616a42f1731 Low Microsoft: User configured proxy addresses 61406f68-feea-43c5-bda8-b7c4ef9b83cf Low Microsoft: User account disabled 0a8bd094-9138-4e7f-8ce8-bebdf5c27c4e Low Microsoft: Reusable temporary access pass 98571e6b-c323-48bc-8c60-f0425c7f9342 Low Microsoft: Long-lived temporary access pass 45cdbd9c-1594-488b-973e-7c62c6e7234e Low

Third-party apps

Identify and get alerted about the third-party apps that have access to at least one service in your Microsoft 365 domain. Additionally, receive information about which services are being accessed and by whom to get full visibility into shadow IT .

Finding type FindingTypeID Severity Microsoft: App not certified by Microsoft 3f049bb1-3709-4d8f-8591-59dd034cf396 Low Microsoft: App not attested by publisher d7390d6b-f466-4293-8528-6218e29b1179 Low Microsoft: App disabled by Microsoft b5156b76-caaa-4ca8-bdb7-ea282da62356 Low