Are you following Microsoft’s naming standards for Conditional Access policies?
Often, when creating CA policies, we just give them names that come to mind at the moment. It seems fine… until you have 10, 20, or 50 policies and can’t remember what’s what!
The solution? A clear, consistent naming standard. It makes finding, managing, and communicating about policies fast, easy, and error-free.
Here’s what a good policy name should include:
1️⃣ Sequence number – easy reference, even over the phone.
2️⃣ Cloud apps it applies to – know which app is affected immediately.
3️⃣ The response – require MFA, block access, etc.
4️⃣ Who it applies to – specific users or groups.
5️⃣ When it applies – external, internal, or both.
Example: CA01 | Dynamics CRM | Require MFA | Marketing Users | External Networks
A little organization goes a long way in simplifying your Conditional Access strategy!
https://learn.microsoft.com/en-us/entra/identity/conditional-access/plan-conditional-access#set-naming-standards-for-your-policies