Understanding the Unmanaged device access allowed risk
BarracudaONE displays this risk when it detects, through Microsoft Entra ID, that users are signing in to your environment from devices that are not enrolled, registered, or compliant with organizational security policies.
Why this is a risk
Personal laptops, mobile phones, unknown endpoints, and other devices that aren’t managed can’t be verified as secure. Because unmanaged devices may not have protections like disk encryption, antivirus, or current security patches, allowing sign-ins from these devices means a higher risk that attackers or malware can access your environment.
Unmanaged access also reduces your ability to enforce consistent security controls. Conditional Access policies that rely on device compliance cannot be applied when the device is not registered. This creates gaps in your Zero Trust posture and increases your exposure to identity-based attacks.
Because unmanaged devices have less protection, attackers take advantage of them to install malware that captures credentials, to hijack sessions, or to redirect users to malicious websites without being detected.
Restricting sign-ins to managed/compliant devices ensures your organization's security requirements are followed and reduces the risk of unauthorized access.
How BarracudaONE identifies this risk
BarracudaONE displays a list of unmanaged devices with the following information:
Username
Operating system
Browser name
Browser version
Last app signed into
Count of unmanaged devices
Last sign-in timestamp
Resolving this risk
Resolving this risk involves creating or updating a Conditional Access policy in Microsoft Entra ID that prevents unmanaged devices from accessing your environment.
To resolve the Unmanaged device access allowed risk
In the left navigation menu, select Home.
In the Start mitigating risks section, do one of the following:
Select the Unmanaged device access allowed risk.
Select another risk, then use the arrows to navigate to the Unmanaged device access allowed risk.
Review this risk, then create or update a Conditional Access policy in Microsoft Entra ID that prevents unmanaged devices from accessing your environment.
When these criteria are met, the risk auto-resolves after the next Entra ID sync.
If you disable or delete the Conditional Access policy, the risk returns.
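One way to create or update such a policy with the Microsoft Graph PowerShell SDK, as an added example that is not part of Barracuda's documentation. The policy name and the emergency-access account object ID are placeholders, and the policy starts in report-only mode so its effect can be reviewed before `state` is changed to `enabled`.

```powershell
# Added example. Requires the Microsoft.Graph.Identity.SignIns module.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All', 'Application.Read.All'

$policyName = 'Require managed device for all apps'      # placeholder name
$breakGlass = '00000000-0000-0000-0000-000000000000'     # placeholder: object ID of an emergency-access account

$params = @{
    displayName = $policyName
    # Report-only: the policy is evaluated and logged but blocks no one.
    # Set to 'enabled' to enforce it after reviewing the report-only results.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users          = @{
            includeUsers = @('All')
            # Keep one emergency account outside the policy to avoid a tenant lockout.
            excludeUsers = @($breakGlass)
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
    }
    grantControls = @{
        # Grant access only when the device is marked compliant
        # OR is Microsoft Entra hybrid joined; any other device is denied.
        operator        = 'OR'
        builtInControls = @('compliantDevice', 'domainJoinedDevice')
    }
}

# Update the policy if one with this name already exists, otherwise create it.
$existing = Get-MgIdentityConditionalAccessPolicy -All |
    Where-Object { $_.DisplayName -eq $policyName } |
    Select-Object -First 1

if ($existing) {
    Update-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $existing.Id -BodyParameter $params
} else {
    New-MgIdentityConditionalAccessPolicy -BodyParameter $params
}
```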
Once you have resolved this risk
Preventing unmanaged devices from accessing your environment:
Reduces malware and breach risk—Unmanaged endpoints are more likely to be missing patches, running outdated software, or already compromised.
Limits credential theft and lateral movement—Blocking unmanaged devices helps prevent attackers from using those endpoints as a foothold.
Improves compliance—Many frameworks require controlling which devices can access systems and enforcing endpoint security standards.
Protects sensitive data—Managed access increases the likelihood that encryption, endpoint security, and data-protection controls are in place.
Makes incident response more reliable—Blocking unmanaged devices prevents “blind spots” during investigations.
Enforces consistent security baselines—You can require minimum controls like OS version, disk encryption, anti-malware/EDR, firewall status, and patch level.
Supports Zero Trust approaches—Denying unmanaged devices is aligned with “never trust, always verify,” improving overall access governance.