Skip to content

Admin Center

The Admin Center integration detects a variety of data loss prevention, account misconfiguration, and user security risks in an integrated Microsoft 365 account that could leave you and your organization vulnerable.

Integration prerequisites

  • A Microsoft 365 account with an active Microsoft Business Basic, Microsoft Business Standard, Microsoft 365 E3, Microsoft 365 E5, or Microsoft 365 F3 subscription
  • Global admin role or equivalent permissions in Microsoft 365

Integration permissions

Refer to Microsoft 365 integration permissions for information on which API permissions to enable.

Security findings

The Admin Center integration currently scans for the following findings, or security risks. Findings are grouped by category and then ordered by severity level.

To stay up-to-date with new CASB findings as they are added, bookmark this page or subscribe to its RSS feed.

User account settings

Keep user accounts safe by ensuring the following settings are maintained. Review password configurations and password strengths to ensure alignment to your organization's security policies and best practices.

Finding typeFindingTypeIDSeverity
Microsoft: FIDO2 authentication method unattested5a9fd288-c04f-4f7a-8976-bfd5464c6cf1Low
Microsoft: Provisioning error for on-prem user3123d99e-a83c-4d9d-9a10-80da5af6dee5Low
Microsoft: Password expiration disabled for userce8cc363-7cbb-445e-8385-79ae7348e430Low
Microsoft: Password not changed for 90+ days93be1fd1-b6c6-4b98-a04c-121d5ea66745Low
Microsoft: Strong password disabled for useraecfdcb2-ec1f-4571-be3c-4ae46c93125eLow
Microsoft: Cloud sync disabled for on-prem user8370628b-73f1-41a5-bbff-4d5adee7bf33Low
Microsoft: Weak Windows Hello for Business key strength6fae390f-07a3-4577-9821-034a7b29e18eLow
Microsoft: On-prem user not synced in 7+ days1eefc5a1-e665-431a-b939-cfbb76a309f5Low
Microsoft: User is not a legal adult329030a3-db43-4959-9d92-2616a42f1731Low
Microsoft: User configured proxy addresses61406f68-feea-43c5-bda8-b7c4ef9b83cfLow
Microsoft: User account disabled0a8bd094-9138-4e7f-8ce8-bebdf5c27c4eLow
Microsoft: Reusable temporary access pass98571e6b-c323-48bc-8c60-f0425c7f9342Low
Microsoft: Long-lived temporary access pass45cdbd9c-1594-488b-973e-7c62c6e7234eLow

Third-party apps

Identify and get alerted about the third-party apps that have access to at least one service in your Microsoft 365 domain. Additionally, receive information about which services are being accessed and by whom to get full visibility into shadow IT.

Finding typeFindingTypeIDSeverity
Microsoft: App not certified by Microsoft3f049bb1-3709-4d8f-8591-59dd034cf396Low
Microsoft: App not attested by publisherd7390d6b-f466-4293-8528-6218e29b1179Low
Microsoft: App disabled by Microsoftb5156b76-caaa-4ca8-bdb7-ea282da62356Low