Microsoft GDAP (granular delegated admin privileges)
Is granular delegated admin privileges (GDAP) implemented across your Microsoft Azure tenant(s)?
Keep Information Security Services
https://www.wearekeep.co.uk/wp-content/themes/keepinformation/img/logos/keep-purple-logo.svg
300
80
Keep Information Security Services
If you have a CSP, MSSP, reseller or any other 3rd party that has access to your environment(s) and GDAP isn’t implemented, it’s likely they have the Global Administrator role by default.
If your provider hasn’t contacted you about GDAP and/or implemented it already, you’d be right to question what else they haven’t done for you!? All partners should have the necessary privilege to perform the duties they’ve been contracted to do, working on the basis of least privilege, alongside other controls that adhere to your policies.
Do you log and alert when partner(s) access your environment(s) and confirm their action(s)? Do you require a review of your current provider?
GDAP guidance is located here; https://learn.microsoft.com/en-us/partner-center/gdap-introduction
Speak to one of our consultants if you’d like further guidance.
Related articles
8th January 2024
https://www.wearekeep.co.uk/wp-content/uploads/2019/07/aron-van-de-pol-hXOGHaGCtdA-unsplash-500x333.jpg
cyber security simple facts
Cyber Security – Some simple facts
1st October 2023
https://www.wearekeep.co.uk/wp-content/uploads/2024/01/iStock-1448152453-500x281.jpg
NIST SP 800-53 Rev 5
Cyber Threat Modelling
25th August 2023
https://www.wearekeep.co.uk/wp-content/uploads/2024/01/iStock-1067765066-500x281.jpg
SPF DMARC configuration
SPF & DMARC Configuration
Get in Touch
Please get in touch using the form below.