Microsoft Partners and freelance consultants often work with multiple customers, needing access to different Microsoft 365 environments. This session will focus on how to balance security policies for external administrators to protect administrative permissions effectively.

We'll discuss whether to create a guest or regular user account for external admins, or to provide access through GDAP, and look at the pros and cons of each option.

To make a decision, we'll address some important questions such as:

• Should external admins be included in Conditional Access policies?
• How can we ensure they work from a safe and compliant device?
• How can we enforce MFA on them without causing multiple MFA prompts?
• Can we give admin permissions to external users through Privileged Identity Management (PIM)?
• Are there any other policies or tools that we should specifically use for them?

Whether you're a Microsoft partner managing multiple customer tenants or a customer looking to provide secure access for your Microsoft Partner or freelance consultants, this session is for you. By the end of this session, you'll know how to tackle the challenge of providing secure access to your external admins.

You will learn:

• How to balance and adjust security policies for external administrators to protect administrative permissions effectively.
• Best practices and common mistakes when dealing with external administrators.
• How to deal with external admins working from unmanaged and non-compliant devices.