Had an email like this over the weekend?
"Your Granular admin relationship with MyWork expires soon. MyWork will no longer have access to manage your account with Microsoft. This relationship and assigned roles gives them access to the Microsoft 365 admin center and other sites to manage your account."
Many of you will recall the changes to 2FA authentication rules rolled out clumsily by email providers late last year that caused a fair amount of stress and inconvenience in the name of improved security.
In an effort to continue its mission to improve security across all of its products, services and entire partner ecosystem; Microsoft has enforced another major change as of the 3rd of August 2024 which means most of you will have received a confusing email from Microsoft about your granular admin relationship expiring.
What’s changed?
From a Microsoft Partner and support service providers’ perspective, this change effectively means Microsoft Partners (like MyWork) can no longer access their client’s Microsoft 365 global administration area without first needing to request this access from our customers.
Whilst resetting and time limiting access to global delegated admin privileges (GDAP) will undoubtedly help protect access to customer data, these additional security measures will understandably add additional steps and red tape to Microsoft Partner’s ability to provide quick and easy support to customers.
What are granular delegated admin privileges (GDAP)?
GDAP is a security feature that provides partners with least-privileged access following Microsoft’s Zero Trust cybersecurity protocol. This least-privileged access means Microsoft Partners (like MyWork) now need to be explicitly granted permission by their customers to access their accounts in order to help manage and support their accounts.
1. Will my emails stop working?
No, your current email setup and access will be unaffected by this change.
2. Can MyWork still provide me with email support?
Yes, the main change is that we now need to request your permission again to do so. To allow us access to do that for you, you’ll need to follow the steps in point 3 below.
3. What do I need to do to give MyWork access again?
To give MyWork permission to access and support your Microsoft account, you’ll need to click the following link to accept this invitation to authorise MyWork to be your Microsoft indirect reseller.
In order to accept this invitation, however, you’ll need to ensure you’re logging in with your primary Global Admin permission account.
If you’re unsure which email address is a Global Administrator on your account, you’ll need to contact Microsoft on 1800 197 503 and select Option 2 for Business Support.
Help us help you! Don’t wait until you need support.
The point of GDAP is ultimately to protect access to Microsoft customer data in a world where cybersecurity concerns are at the forefront of our minds.
While yes, being forced to taker these additional security steps is frustrating for Microsoft customer and partners alike, the security benefits and peace of mind should outweigh the inconvenience.
So, save yourself the future hassle of waiting to grant MyWork permissions when the issue is urgent, and proactively follow the steps outlined above.
Still not quite sure what to do? No worries! Just give us a call today on 1300 809 424 and let us know how we can help!