Two Core Risk Policies
Identity Protection provides two automated policies.
Sign-in Risk Policy
User Risk Policy
Both policies support self-remediation.
Prerequisites for Self-Remediation
Users must be registered for:
Microsoft strongly recommends combined security info registration.
Self-remediation reduces:
Choosing Risk Thresholds
Microsoft’s recommended configuration:
Lower thresholds increase security but increase user disruption. Higher thresholds reduce friction but allow more risk.
Exclusions and Trusted Locations
Emergency access accounts must always be excluded. Trusted locations reduce false positives in risk detection.