Unfortunately, Microsoft 365 administration is too often a blunt object, with admins laden with global credentials or assigned broad overly powerful, and insecure roles. Licenses controlled by groups that manage them.There are 6 key reasons to use delegated administration for Microsoft 365: Most of them want to delegate administration rights so IT groups can manage their business units independently - but stop short of giving out full Global Admin Rights to regional, local, or specialized IT admins. Organizations using Microsoft 365 with a single tenant that contains multiple departments, remote locations, sister companies, and different agencies have complex environments to support and manage.
Delegated Administration and Microsoft 365 If they shouldn’t be managing it, they shouldn’t be able to see it. The end goal is a concept called Least Privilege Access – assigning the least number of permissions required for the delegated administrator to complete tasks.Īdding to RBAC, you also want to limit the visibility of the delegated admins. Delegated permissions should encompass two complementary concepts, delegating the IT function so it can be done by someone else, and assigning limited rights, which is where RBAC comes in. This replaces a centralized IT administrative model which no longer suits today’s enterprise landscape.Īt the same time, delegating these tasks out to others without carefully managing permissions is a special kind of security nightmare. For this sake, it means how Role-Based Access Control (RBAC) is used to decentralize the administrative function through delegation of these admin duties. How to Delegate Administration and Access in M365 Easily and Securelyĭelegated Administration has a broad use in computing.
0 kommentar(er)
