second tier admin roles and risks

%3CLINGO-SUB%20id%3D%22lingo-sub-2211246%22%20slang%3D%22en-US%22%3Esecond%20tier%20admin%20roles%20and%20risks%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2211246%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20trying%20to%20get%20a%20basic%20risk%20context%20around%20some%20lesser%20known%20365%20roles%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3ESecurity%20administrator%3C%2FLI%3E%3CLI%3EHelpdesk%20administrator%3C%2FLI%3E%3CLI%3EBilling%20administrator%3C%2FLI%3E%3CLI%3EUser%20administrator%3C%2FLI%3E%3CLI%3EAuthentication%20administrator%3C%2FLI%3E%3C%2FUL%3E%3CP%3ECould%20you%20provide%20some%20examples%20of%20what%20'damage'%20an%20individual%20could%20do%20with%20the%20above%2C%20if%20they%20were%20granted%20such%20roles.%20Normally%20I%20would%20work%20off%20the%20basic%20risk%20concepts%20such%20as%20inappropriate%20access%20to%20sensitive%20information%2C%20loss%20of%20service(s)%20to%20genuine%20staff%20affecting%20business%20productivity%20etc.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2211246%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAdmin%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EEducation%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOn-Premises%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ETraining%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
New Contributor

I'm trying to get a basic risk context around some lesser known 365 roles:

 

  • Security administrator
  • Helpdesk administrator
  • Billing administrator
  • User administrator
  • Authentication administrator

Could you provide some examples of what 'damage' an individual could do with access to the above roles. Normally I would work off the basic risk concepts such as inappropriate access to sensitive information, loss of service(s) to genuine staff affecting business productivity etc.

1 Reply