B2B Users Risky Policies Mitigation

Copper Contributor

Is there a possibility for B2B users to mitigate Risky Policies in the resource tenant?

 

Auto-remediation policies not helpful for password change due to different home tenant and no MS references that helps to mitigate B2B users other than exclusion from the risky group. 

5 Replies

Hello @EntraBrainstorm 

 

B2B users must address and mitigate the risk status within their home tenant.

@MatejKlemencic B2B users shows risky in resource tenant not in home tenant. Could you clarify how mitigating risk at home tenant would help ?

@EntraBrainstorm 

 

True, but the risk for a B2B user is evaluated in their home directory by design. You can exclude B2B users from your Conditional Access policies with Sign-In risk conditions; otherwise, B2B users will need to address their risk status in their home directory.

 

More info is available here > https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-b2b#how-does-id-pr... 

Yes, the only way to mitigate guest users from Risky policies is to exclude them from the Risky CA policies. Guest accounts have different domains even non-Microsoft domains, so risky users from resource tenant cannot be mitigated by limitations by MS.