Security News > 2023 > January > Microsoft fumbles zero trust upgrade for some Asian customers

Microsoft has messed up a zero trust upgrade its service provider partners have been asked to implement for customers.

The software giant has long given its partners delegated admin privileges that allow them to administer customers' services or subscriptions on their behalf.

Customers authorize DAP before partners can exercise privileges, and the service provider proceeds to provide service.

In recent years Microsoft has noticed that IT services providers have become a target for cyber criminals who realized that cracking a single IT consultancy could let them reach all of its clients.

So in 2022 Microsoft upgraded DAP to granular delegated admin privileges which, as the name implies, offers finer controls - so that if an attacker gains access to a partner's accounts the impact will be less horrible.

The other reason for GDAP-related delays is that Microsoft partners "Have requested default Azure Active Directory roles when creating a new customer tenant." That's not doable at present, so the boffins are busy designing the feature.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/01/13/microsoft_gdap_double_byte_delays/