Sign in / up

back to article Microsoft 365 guest accounts + Power Apps = security nightmare

Microsoft 365 guest accounts aren't nearly as secure as Redmond would lead customers to believe, as low-code security expert Michael Bargury demonstrated at Black Hat. Guest accounts are commonly used by Microsoft shops to give non-employees access to their 365 tenancy with limited permissions, usually just access to a Teams …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Scott 26
    Mushroom

    Great. Looks like I have some work to do this morning - or at the least, tell my client's internal PA team, THEY have some work to do.

    7 0 Reply
  2. thondwe

    Not just Guest accounts if you have a population of Students for example...

    3 0 Reply
    1. Mungo Bung
      Reply Icon

      "Just stick students and staff in the same tenant - what could possibly go wrong?" *headdesk*

      2 0 Reply
  3. MiguelC Silver badge

    Re: "that shouldn't matter if a company is practicing good access management." That would be true, but it's here that Bargury's experience as co-founder and CTO of Zenity, a low-code/no-code security and governance platform, comes into play: he says many companies aren't.

    That's where the problem lies, because if it wasn't PowerApps it would be something else.

    0 0 Reply
  4. Claptrap314 Silver badge

    Who would have guest...

    that a m$ product was insecure?

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like