Ensure that all deprecated accounts within your Azure cloud subscription(s) are monitored so that Microsoft Azure Security Center can determine whether any accounts need to be removed in order to protect against unauthorized access. Deprecated accounts are accounts that are no longer needed and are blocked from signing in by Azure Active Directory (AAD).
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
By monitoring identity activities using Azure Security Center, you can take proactive actions before an incident occurs, or reactive actions to stop an attack attempt. If the monitoring of the deprecated accounts is enabled, Security Center can flag the deprecated accounts for removal.
Audit
To determine if the monitoring of deprecated accounts is enabled within Azure Security Center settings, perform the following operations:
Remediation / Resolution
To enable the monitoring of deprecated accounts within the Microsoft Azure Security Center settings, perform the following operations:

You are auditing:
Enable Monitoring of Deprecated Accounts
Risk level: Medium