5.4 Ensure the Application Usage report is reviewed at least weekly

Information

You should review the Application Usage report at least weekly. This report includes a usage summary for all Software As A Service (SaaS) applications that are integrated with your directory.

Rationale:

Review the list of app registrations on a regular basis to look for risky apps that users have enabled that could cause data spillage or accidental elevation of privilege. Attackers can often get access to data illicitly through third-party SaaS applications.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

To review the report, perform the following steps using the Azure Portal:

Go to portal.azure.com.

Click Azure Active Directory.

Select Enterprise applications.

Review the information.

See Also

https://workbench.cisecurity.org/files/3729

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-6, 800-53|AU-6(1), 800-53|AU-7(1), CSCv7|6.2

Plugin: microsoft_azure

Control ID: edaf4d04a05348556d75e92fc495e274be80b6156bf19739910fc6a0924774f7