Hey Everyone We would strongly recommend to put alerts in place when a Global Admin gets excluded from MFA. Our internal practice for this is good for change management, but unfortunately we several large co managed IT and have found repeatedly admin accounts get excluded from CA policies. Would like an alert if an admin is excluded, as well as another dashboard that tracks Admins without MFA specifically in addition to users. We feel like this is our biggest risk to tenant compromise so would like to get some hooks around it.
