Connect with experts and redefine what’s possible at work – join us at the Microsoft 365 Community Conference May 6-8. Learn more >

Forum Discussion

EntraBrainstorm

Copper Contributor

Jul 30, 2024

B2B Users Risky Policies Mitigation

Is there a possibility for B2B users to mitigate Risky Policies in the resource tenant? Auto-remediation policies not helpful for password change due to different home tenant and no MS references...

identity protection

MatejKlemencic

Brass Contributor

Jul 31, 2024

Hello EntraBrainstorm

B2B users must address and mitigate the risk status within their home tenant.

EntraBrainstorm
Copper Contributor
Jul 31, 2024
MatejKlemencic B2B users shows risky in resource tenant not in home tenant. Could you clarify how mitigating risk at home tenant would help ?
- MatejKlemencic
  Brass Contributor
  Jul 31, 2024
  EntraBrainstorm
  
  True, but the risk for a B2B user is evaluated in their home directory by design. You can exclude B2B users from your Conditional Access policies with Sign-In risk conditions; otherwise, B2B users will need to address their risk status in their home directory.
  
  More info is available here > https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-b2b#how-does-id-protection-work-for-b2b-users
  - EntraBrainstorm
    Copper Contributor
    Jul 31, 2024
    Yes, the only way to mitigate guest users from Risky policies is to exclude them from the Risky CA policies. Guest accounts have different domains even non-Microsoft domains, so risky users from resource tenant cannot be mitigated by limitations by MS.