Strengthen Security With Enhanced Reporting Feature In Microsoft Azure Active Directory

Microsoft has released a preview of a new feature – Report Suspicious Activity – in Azure Active Directory (Azure AD), which supplies specific information about login attempts and authentication requests for Multi-Factor Authentication (MFA). By enabling this feature, administrators can receive reports of fraudulent activity from users and take appropriate action to mitigate any risk.

The Report Suspicious Activity feature allows users to report any questionable login attempts they did not initiate when they receive an authentication request. Administrators can view reports that provide detailed information on login attempts, which can help pinpoint and intercept threats before damage is done.

Azure AD MFA feature

If you have the reporting feature disabled (which is the current default for everyone, as it is still in preview), users can only deny unauthorized login attempts by selecting “Deny” or “No, it’s not me” when prompted in the Microsoft Authenticator App. While this temporarily prevents an attacker from accessing the targeted user’s account, it does not notify administrators of a potential safety risk, which can cause questionable and dangerous activity to go unnoticed. With the new reporting feature, users can take it a step further and have the option to report unknown login attempts themselves for further investigation. Additionally, the user status will change to high risk, alerting admins of the event.

Enabling the reporting feature has no major downsides. However, users may be blocked from accessing their account after submitting a report. To prevent productivity interruptions, administrators can implement Self-Service Password Reset (SSPR) for their organization, allowing users to reset their password without needing an IT admin. Additionally, enabling SSPR can increase your organization’s Secure Score – a measurement of your organization’s security level that can be elevated by adhering to recommendations for various Microsoft products.

To enable the reporting service feature, administrators can navigate to their organization through Azure AD, then click on Security, Authentication Methods, and Settings. From there, you can enable the feature for a specific group or the entire organization. After enabling the feature, any suspicious activity reports will be available in Azure AD (under Security and Risk Detections). These reports will be labelled as User Reported Suspicious Activity for Detection Type and provide detailed information that can be used to take precautionary measures.

The reporting feature is useful for organizations that value security and want to proactively detect and handle potential threats. It is particularly beneficial for small and medium-sized organizations with limited IT resources, as it allows users to contribute to their organization’s security posture. By enabling this feature, administrators can preemptively identify and repair issues and give users reporting power to help strengthen the organization’s overall security.

Thank you for reading this post! If you enjoyed it, I encourage you to check out some of our other content on this blog. We have a range of articles on various topics that I think you’ll find interesting. Don’t forget to subscribe to our newsletter to stay updated with all of the latest information on Imaginet’s recent successful projects

Rasmin Patiu

Hello! I’m Rasmin, a Support Technician at Imaginet. My passion lies in making a positive impact on people’s lives, and I find great fulfillment in providing assistance and solutions to their technical problems. In addition to my work in technical support, I enjoy pursuing my interest in web development on the side and have previously worked as a Software Developer.

discover more

Business AUtomation with Powe Automate Workflows

How to Enhance Power Automate Flows

Power Automate is an incredibly powerful tool, but it can be difficult to get the most out of it. Learn how to enhance your flows with this comprehensive guide. Get…

Read More
ChatGPT for Application Development, How to use ChatGPT, OpenAI, Bing Chatbot,

Optimise Learning & Efficiency of Application Development with ChatGPT

The article discusses how artificial intelligence (AI), specifically the AI-powered language model ChatGPT, can be integrated into software development processes. ChatGPT can be utilized for tasks such as providing explanations…

Read More
microsoft intune device management, intune secure remote work access, intune secure remote work setup, intune secure remote work policy, intune secure remote work authentication, microsoft intune remote access, microsoft intune secure access, intune user access control, microsoft intune secure remote desktop access, microsoft intune remote app access

Uses of Intune in a Remote Work Environment

Microsoft Intune is the perfect solution to help you manage and secure your remote work environment. It provides easy access to all your apps, data, and resources while ensuring compliance…

Read More

Let’s build something amazing together

From concept to handoff, we’d love to learn more about what you are working on.
Send us a message below or call us at 1-800-989-6022.