contact me: [email protected]
These risks are categorized into three tiers: low, medium, and high. While Microsoft doesn’t provide exact details on what signals or combinations of signals are used as the basis of categorization, it does provide reporting and workflows that can mitigate the risks.
Note
Identity Protection features are based on machine learning and need to gather at least 30 days’ worth of baseline data before it can be used to provide information.
When these types of activities or events are detected, notifications are generated for administrators. For example, users attempting to log in when impossible travel is detected may be presented with a dialog to re-confirm their identity using an already-established multifactor authentication method.
Depending on how your security organization is structured, you may be able to delegate certain levels of responsibility. Table 6.1 describes the roles and access available to Identity Protection users: