IT Blog

Identity & Access Management

What is the difference between User Risk Policy vs Sign in Risk Policy

 

 

 

 width=

Sign-in Risk Policy

The sign-in risk policy detects suspicious actions that come along with the sign-in. It is focused on the sign-in activity itself and analyzes the probability that the sign-in may not have been performed by the user. The sign-in risk checks for things like whether a user has signed in from an unfamiliar location or unfamiliar IP address. You can then choose to require MFA for users based on the risk level of their sign-ins.

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-sign-in-risk-policy

 

User Risk Policy

The user risk policy detects the probability that a user account has been compromised by detecting risk events that are atypical of a user’s behavior. Risk events require the recording of a user’s activity over a length of time so that it’s possible to detect abnormalities. You can then choose to block access to users based on their risk levels.

https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy

By Khalid Hussain

Leave a Reply

Your email address will not be published. Required fields are marked *