login

Parameswaran
.ical

Session

09-05
14:00
40min
The Silent Data Breach: Unintended Exposure of Sensitive Information in Microsoft Enterprise Enrollment, Entra, and Intune
Jeffrey Gaor, Parameswaran

This talk reveals a silent but critical misconfiguration in Microsoft Enterprise Enrollment that allows any authenticated user to export sensitive enterprise user data including emails, job roles, and contact info without elevated permissions. We'll uncover how this overlooked flaw can lead to data breaches and share best practices for securely configuring Azure to prevent similar risks.

Track 1