So many AI Agents are available to use in your tenant without you even knowing. More and more agents are becoming available, and this will keep going. Unless you put a stop to it or manage it. The first thing you should do is block the high-risk ones. In this article, you will learn how to block access for high-risk AI Agents.
Table of contents
Block access for high-risk AI Agents
To block access for high-risk AI agents using a Conditional Access policy, follow the steps below:
- Sign in to Microsoft Entra admin center.
- Browse to Entra ID > Conditional Access > Policies.
- Click New policy.
- Give your policy a name (CA13-Block High-Risk Agent Identities).
- Click under Users or agents (Preview).
- Select Agents (Preview).
- Select Include > All agent identities (Preview).
- Click under Target resources.
- Select Resources (formerly cloud apps).
- Select Include > All resources (formerly ‘All cloud apps’).
- Click under Conditions.
- Click under Agent risk (Preview).
- Select Configure > Yes > High.
- Click Done.
- Click under Grant.
- Select Block access.
- Click Select.
- Select Enable policy > On or Report-only.
- Click Create.
It will automatically create a new Conditional Access policy, and it appears in the list.
Note: Wait a few minutes for the CA policy to be effective.
That’s it!
Read more: Block sign-in from shared mailboxes »
Conclusion
You learned how to block access for high-risk AI Agents. It’s essential that every organization at least configures this CA policy. There is no need to accept all AI Agents in your organization, unless you’re asking for trouble.
Did you enjoy this article? You may also like Restrict access to Microsoft Entra admin center. Don’t forget to follow us and share this article.