Mitigating Risks

If you have integrated Microsoft Entra ID, BarracudaONE identifies security risks in your environment.

Each risk includes the criteria that triggered it, the steps to resolve it, and a detailed explanation of the potential exposure in your environment.

If the risk affects specific elements of your environment, such as users, accounts, or devices, these elements are displayed at the bottom of the page with more detailed information.

You can choose to mitigate these risks by addressing the causes affecting your environment. When you address the issues causing the risk, the risk is automatically resolved once Entra ID is scanned again.

Risks that have been mitigated or accepted are displayed on the Mitigate risks page so you can review or reopen them.

The following are the risks that may be identified:

• Privileged accounts without strong MFA

• Unmanaged device access allowed

• MFA not enabled for some users

• Phishing-resistant MFA not enforced for all users

• Excessive global administrator accounts

Accepting risks

If you don’t want to address the underlying problems for a risk and don’t want to see the risk displayed in BarracudaONE, you can accept the risk. For more information, see https://documentation.campus.barracuda.com/wiki/spaces/ONE/pages/447316091.

To mitigate risks

1. If you’re not on the Home page, click .

2. In the Start mitigating risks section, click the View all risks button.

3. In the Steps to resolve risk in Entra ID section, follow the steps to resolve the risk.

To navigate between risks in an account

1. If you don’t have an account selected, select one in the account picker the top of any page.

2. If you’re not on the Home page, click .

3. In the Start mitigating risks section, click the View all risks button.

4. In the All risks list on the left, click a risk to open it.