Help Centerto revoke a user's access to modern cloud services. Users or admins whose access rights have been terminated still have access to resources until the access token expires. For the Microsoft 365 admin center, this access can be as long as an hour, by default. With continuous access evaluation, a user's critical events and network location changes are continuously evaluated.
Enabling CAE offers several key benefits:
- Mitigate insider and data exfiltration threats: An employee can export a valid access token and replay it to gain access to admin center from outside of your organization. With continuous access evaluation, you can enforce IP location policies and monitor user-critical events in near real time to mitigate the risk of external access and exfiltration of data.
- Prevent unauthorized access: When a user account password is compromised, the Microsoft Entra administrator can reset it or disable the account in near real time to prevent unauthorized access to admin center.
- Remove user access in near real time: Organizations have an obligation to instantly remove an admin or user's access because of security threats, termination of employment, policy violations, or legal requirements. With continuous access evaluation, the Microsoft Entra administrator can instantly disable admin or user accounts and revoke access to organization resources in near real time.
What you need to do to prepare:
This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your admins about this change and update any relevant documentation.
Learn more: Continuous access evaluation in Microsoft Entra - Microsoft Entra ID | Microsoft Learn
CAE will be supported in Microsoft 365 admin center. To take advantage of CAE’s IP location conditional access (CA) policy enforcement, you should set up Continuous access evaluation strict location enforcement in Microsoft Entra ID - Microsoft Entra ID | Microsoft Learn