Maintaining Optimal Number of Global Admins in Microsoft 365 Tenant [CHK-1329]
This check verifies the number of accounts with global admin rights in your Microsoft 365 tenant. The optimal number is between 2 and 4.
Rationale
Having too many or too few global admins can pose security risks. Maintaining between 2 and 4 global admins ensures there's a backup in case of login issues and prevents too many accounts from having high-level access. This aligns with the CIS Microsoft 365 Foundations Benchmark.
Fix
If there's only one admin in the tenant, give another employee global administrative rights or create an Emergency Access account. This can be used in emergencies, such as when the first admin account is blocked.
If there are more than 4 admins in the tenant, reduce the number to a maximum of 4.
Impact
The number of global admins will be between 2 and 4. This reduces the risk of security breaches and ensures there's always a backup admin.