How Microsoft Entra ID Governance Helps You Manage Your Guest Accounts

If you are like me, you have probably invited many guest accounts to your Microsoft 365 environment over the years. But how do you keep track of them and make sure they don’t pose a security risk? Well, I have some good news for you. Microsoft Entra ID Governance has recently introduced some amazing reports for guest accounts that will make your life easier!

I have been using Access Review for a while now to remove old and unused guest accounts, and it works great! But I always wanted to have more visibility into how my guest accounts are being used and what they have access to. That’s why I was thrilled to discover the new reports that Microsoft Entra ID Governance offers.

Let me show you what these reports can do for you!

We can customize the report by adjusting the threshold ourselves. By modifying the threshold from 0 to 365 days, we can quickly observe how the report changes.

In addition to the list of all guest users, we can also access several other reports that provide useful insights. For instance, we can find out how many accounts have never signed in, view a doughnut diagram that shows the percentage of users who have signed in at what time, and get an overview of how many of our guest accounts are active and how many are not. By adjusting the threshold for the report, we can customize the report to our needs

At the bottom of the reports, we can find a list of all guest users, including their name, domain, email, inactive days, and last sign-in date. This list is very useful as it allows us to keep track of all guest accounts that have access to our resources. By sorting the list based on the length of inactivity, we can easily identify which guest accounts have been inactive for a long time and may no longer need access to our resources. We can then navigate to the users blade and remove access, disable, or delete the account as needed. This is a great way to ensure that our resources are secure and that we are only providing access to those who need it.

As we see on the last picture here I have removed some information 😎