Challenge #3
Secure Data by Restricting User Consent
Enhance your data security by managing user consent for applications in Microsoft 365. Ensure every app accessing your company’s data receives your explicit approval.
Why?
Every application your team uses could be a gateway to sensitive company data. But what if users, unknowingly or accidentally, give these applications access to your information? That’s where the power of restricting user consent comes into play. This setting in Microsoft 365 ensures that any application seeking access to your data doesn’t get a free pass—it must be approved by you, the administrator, or whoever is responsible for IT (e.g., Third Octet).
Think of your company data as a treasure that needs guarding. Without proper oversight, it’s like leaving the treasure chest unlocked. By managing user consent, you’re effectively putting a robust lock on this chest. This way, only applications that have your explicit permission can access your precious data, keeping out those that might misuse it. Remember, it’s not about limiting your team’s tools; it’s about making sure each tool is safe and right for your business.
How?
Adjusting your Microsoft 365 settings to restrict user consent is straightforward. Here’s how to ensure that applications access your company data only with your approval:
Step 1: Go to the Entra Admin Center
On your computer, launch a new browser window (Edge, Chrome), and type in https://entra.microsoft.com/ and press enter.
Note: You will require Microsoft 365 administrative credentials – be sure to have the username and password ready.
Step 2: Navigate to Application Settings
Within the Microsoft Entra Admin Center:
- Look for and select Identity along the left-hand side menu
- Under Identity, look for and select Applications
- Under Applications, select Enterprise applications
Step 3: Modify Consent and Permissions
- Within the Enterprise applications window, under Security, find and select Consent and permissions
Step 4: Set Restriction on User Consent
- Within Consent and user permissions, find the section for User consent for applications
- There are three available options:
-
Do not allow user consent: An administrator will be required for all apps.
-
Allow user consent for apps from verified publishers, for selected permissions: All users can consent for permissions classified as “low impact”, for apps from verified publishers or apps registered in this organization.
-
Allow user consent for apps: All users can consent for any app to access the organization’s data.
-
- While Microsoft may recommend Allow user consent for apps from verified publishers, we prefer the more restrictive option Do not allow user consent.
- Both options are inherently more secure than the last option, Allow user consent for apps
Step 5: Save Your Settings
- Once you are satisfied, click Save by selecting the Save icon on the top of the User consent settings window.
While you’re here…
Cyber Threats SMBs Can’t Ignore—and How to Defend Against Them
Cyber risks are growing, but securing your small or medium-sized business doesn’t have to be difficult. Learn how SMBs can protect themselves from phishing, ransomware, and AI-powered attacks with simple, cost-effective solutions. Schedule your free cyber risk assessment today.
Cybersecurity Awareness Month: Boost Your Online Safety with Simple Steps
Discover the significance of Cybersecurity Awareness Month in October, aimed at boosting online safety through simple actions like updating passwords and enabling two-factor authentication. Learn about its history, key milestones, and impactful campaigns such as “Stop. Think. Connect.” Find out how national efforts and success stories illuminate the path to a more secure digital world for individuals and businesses alike.
Unlocking Hidden Power: The Key Role of Training in Maximizing Your Tech Investments
Imagine investing in a state-of-the-art kitchen and only using the microwave. Absurd, right? Yet, businesses do this with technologies like Microsoft 365, missing out on powerful features due to lack of training. According to Gartner, Shadow IT can consume 30-40% of IT spending, increasing inefficiencies and risks. At Third Octet, our training programs ensure your team fully leverages these tools, unlocking their true potential. Ready to transform your technology use?