With AAD-Guradian it's possible to easily adopt secure configurations for Azure AD.
- Break Glass Accounts
- Break Glass Accounts Group
- MFA for Admins
- MFA for all Users
- MFA for external Users and Guests
- Block legacy authentication
- Block unknown or unsupported device platform
Exclude Break Glass Accounts Group from CA policies
- Break Glass Account Usage
- Membership of Break Glass Accounts Group
- Logins w/o Conditional Access policy
- Privileged Role Assignments outside of PIM