B2B Users Risky Policies Mitigation

Question

Is there a possibility for B2B users to mitigate Risky Policies in the resource tenant?

Auto-remediation policies not helpful for password change due to different home tenant and no MS references that helps to mitigate B2B users other than exclusion from the risky group.

matejklemencic · Answer

Hello&nbsp;EntraBrainstorm&nbsp;&nbsp;B2B users must address and mitigate the risk status within their home tenant.

entrabrainstorm · Answer

MatejKlemencic&nbsp;B2B users shows risky in resource tenant not in home tenant. Could you clarify how mitigating risk at home tenant would help ?

matejklemencic · Answer

EntraBrainstorm&nbsp;&nbsp;True, but the risk for a B2B user is evaluated in their home directory by design. You can exclude B2B users from your Conditional Access policies with Sign-In risk conditions; otherwise, B2B users will need to address their risk status in their home directory.&nbsp;More info is available here &gt;&nbsp;https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-b2b#how-does-id-protection-work-for-b2b-users&nbsp;

entrabrainstorm · Answer

Yes, the only way to mitigate guest users from Risky policies is to exclude them from the Risky CA policies. Guest accounts have different domains even non-Microsoft domains, so risky users from resource tenant cannot be mitigated by limitations by MS.

matejklemencic · Answer

Correct&nbsp;EntraBrainstorm&nbsp;

Forum Discussion

B2B Users Risky Policies Mitigation

5 Replies

Resources