Risky Apps

Enterprise Applications (registered in Entra ID) are a heavily used feature of M365 which allow businesses to expand and augment the capabilities of M365 by linking it to 3rd party applications. These are known as Enterprise Applications.

Enterprise applications then query and/or change M365 data on behalf of users. A permissions scope indicates the capabilities on the user(s) by each enterprise application.

The Risk

Malicious apps can steal data, or breach accounts.

Non malicious apps can still be a security risk as they may be allowing access to the users and their data that do not align with the goals of the business

The Solution

Please watch the associated video on how we can analyze this risk