How to Fix: Cross-Tenant Access Policy Review
Step-by-step guide to implement cross-tenant access policy review in your Microsoft 365 environment.
5-10 minutes
Estimated Time
4
Steps
high
Severity
Enhanced Security
Baseline Level
Why This Matters
Permissive cross-tenant defaults allow any external organization to collaborate with your tenant. Restricting defaults and configuring partner-specific policies ensures only approved organizations can access your resources.
Prerequisites
- 1Global Administrator or appropriate admin role in Microsoft Entra ID
- 2Access to Microsoft Entra admin center (entra.microsoft.com)
Expected Configuration
- Default cross-tenant access policy is not overly permissive
- Partner-specific configurations exist for known collaborators
- Inbound and outbound B2B access is explicitly controlled
Remediation Steps
Review Current Configuration
Assess your current configuration in Microsoft Entra admin center.
- •Navigate to the relevant section in Entra admin center
- •Document current settings
- •Compare against expected state
Plan Implementation
Determine the changes needed to meet the expected configuration.
- •Review expected configuration requirements
- •Identify affected users or resources
- •Plan rollout strategy
Implement Changes
Apply the necessary configuration changes.
- •Make required configuration updates
- •Apply to appropriate scope
- •Document changes made
Validate and Monitor
Verify the changes are working as expected.
- •Run TrueConfig scan to verify compliance
- •Test affected functionality
- •Set up ongoing monitoring
Auto-Remediation Available
TrueConfig can automatically fix this control for you. Enable auto-remediation to have this configuration applied and maintained automatically.
Learn about auto-remediationRelated Resources
Automate Your Security Configuration
TrueConfig continuously monitors your Microsoft 365 environment and can automatically fix configuration drift. Start your free trial today.
Start Free Trial