Microsoft Azure testing out multi-stage reviews for managing access to content

News
By Sean Endicott
published

Multi-stage reviews should streamline managing access to enterprise apps.

Microsoft Azure Hero 4
Microsoft Azure Hero 4 (Image credit: Microsoft)

What you need to know

  • Microsoft Azure is testing out support for multi-stage access reviews.
  • Access reviews allow organizations to manage group memberships and who has access to enterprise applications.
  • Multi-stage reviews can be used to create complex workflows to meet requirements for continued access.

Microsoft has a new feature for Azure in public preview. Starting this week, organizations can test out multi-stage access reviews for Azure AD. With access reviews, organizations can set up requirements for employees and individuals to maintain memberships, role assignments, and access to enterprise applications. Multi-stage reviews can be used to create complex workflows for meeting requirements.

"This capability allows you and your organization to enable complex workflows to meet recertification and audit requirements calling for multiple reviewers to attest to access for users in a particular sequence," explains Microsoft. "It also helps you design more efficient reviews for your resource owners and auditors by reducing the number of decisions each reviewer is accountable for."

Microsoft outlines some scenarios that can be created with the new feature:

  • Reach consensus across multiple sets of reviewers. Require agreement from independent reviewers at every stage before access is recertified.
  • Assign alternate reviewers to weigh in on unreviewed decisions. Ensure accounts left unreviewed by unresponsive or out-of-office reviewers are sent to the next appropriate reviewer, such as the user's manager or the resource owner.
  • Reduce burden on later-stage reviewers. Filter down the number of decisions for your later-stage reviewers by excluding accounts denied in previous stages. For example, have users attest to their own needs for access before asking the resource owners to attest.

One of the big changes rolling out in preview is the ability to set up sequential stages. Without multi-stage reviews, it's possible to end up with multiple reviews for the same person. Support for sequential stages should eliminate this issue as people have a clear path to follow as part of a more complex access review.

Sean Endicott
Sean Endicott
News Writer and apps editor

Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at sean.endicott@futurenet.com.