Try this first
- 1Microsoft 365 admin: Active Users > filter by 'Guests'. Walk the list. Does each guest still match an active collaboration?
- 2Entra > External Identities > Cross-tenant access settings: shows guest accounts from other tenants. Remove what is old.
- 3For vendors with separate logins (not M365 guest): keep a simple list in Excel or Notion: vendor, contact, access type, end date.
- 4Per vendor: check if they use MFA. Ask directly: 'do you use MFA on the account you work with in our systems?'. No answer = risk.
- 5Schedule this audit twice a year. Do not wait longer, the layers get too thick.
When to bring us in
Many vendors, no overview? We build a vendor access register together with you in half a day. Costs less than an audit fine.
See also
- I think I clicked a phishing linkNo shame, happens to everyone. The next fifteen minutes matter.
- A colleague's account is acting strangelySending mail in their name, rules hiding folders, unusual sign-ins. Suspicious.
- Lost the MFA app: new phone, no backup codesClassic problem after a phone upgrade. You are not the first to be locked out.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.