How to Detect and Block Risky AI Agents Using Microsoft Conditional Access (CA)

Learn how Perth SMBs can detect high-risk AI agent identities with Microsoft Entra ID Protection and block them automatically using Conditional Access policies—before they compromise your data.

Garry BloomGarry Bloom · Founder & Senior IT Manager
2 June 2026
5 min read
risky AI agents
block AI Conditional Access
Microsoft Entra ID Protection
AI security Perth
MSP cloud security

Detect and Block Risky AI Agents Before They Compromise Your Data

Artificial intelligence is transforming how businesses work—but unmanaged AI agents can become a major security risk. Compromised or misconfigured AI agents may access sensitive data, exfiltrate customer information, or move laterally through your network.

The good news: Microsoft now lets you detect and block high-risk AI agents automatically using Conditional Access (CA) policies.

What Is “Agent Risk”?

Microsoft Entra ID Protection now includes Agent Risk (Preview), which evaluates AI agent identities for signs of compromise, unusual behavior, or policy violations. When an agent is flagged as High Risk, you can automatically block its access to all your cloud resources.

How to Block High-Risk AI Agents with Conditional Access

Follow these steps in the Microsoft Entra admin center:

  1. Sign in as a Conditional Access Administrator

  2. Go to Entra ID > Conditional Access > Policies

  3. Select New policy and give it a clear name (e.g., Block-High-Risk-AI-Agents)

  4. Under Assignments:

    • Select Users, agents (Preview) or workload identities

    • Choose Agents (Preview)All agent identities (Preview)

  5. Under Target resources:

    • Select Resources (formerly cloud apps)All resources

  6. Under Conditions > Agent risk (Preview):

    • Set Configure to Yes

    • Select High risk level

  7. Under Access controls > Grant:

    • Select Block access

  8. Set Enable policy to Report-only first to validate impact

  9. Create the policy, then switch from Report-only to On once confirmed

This policy ensures that any AI agent detected as high risk is immediately blocked from accessing your Microsoft 365, Azure, or other cloud apps.

Why This Matters for Perth SMBs

  • AI adoption is accelerating, but most small businesses lack AI governance

  • A single compromised AI agent can expose customer data, financial records, and IP

  • Conditional Access gives you automatic, policy-driven protection without slowing down legitimate users

  • As an MSP client, you can roll this out across all your environments from one central location

Next Steps

If your IT setup doesn’t yet include AI-agent risk controls, worth checking this setting in your environment today.

If this sounds like your current setup, I’m happy to help you tighten it up with a secure Conditional Access strategy tailored for Perth SMBs.

Garry Bloom
Written by
Garry Bloom
Founder & Senior IT Manager · 25+ years in IT

Garry founded Computer Mechanics — the business behind IT Support Perth — in 1997. With more than 25 years in IT management and support across internal and external service environments, he leads the team's technical direction and its cybersecurity and managed-IT strategy for Perth businesses.

Meet the IT Support Perth team →
Garry Bloom
2 June 2026
5 min read
risky AI agents
block AI Conditional Access
Microsoft Entra ID Protection
AI security Perth
MSP cloud security

Stay Updated with IT Insights

Get the latest cybersecurity tips and technology insights delivered to your inbox

Related Articles

4 IT Gaps Small Businesses Overlook (and How to Close Them)

Most Perth businesses aren't undone by one huge disaster — it's the small IT gaps that stack up: missing MFA, delayed patching, old access nobody removed, and untested backups. Here's how teams under 50 users can close them. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

How to Safely Offboard an Employee (and Protect Your Company Data)

When a staff member leaves, their access is a security risk until it's properly closed off. A practical Perth-business checklist for offboarding an employee without losing data or leaving a door open. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

5 Signs Your Business Has Outgrown Your Current IT Guy

One trusted 'IT guy' works — until it doesn't. Here are five clear signs a Perth business has outgrown break-fix IT and needs a proper managed IT team. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

Need Expert IT Support?

Get personalized advice from our Perth IT experts. Free consultation available.

Related Content

Continue Reading

Explore more insights and expert advice on IT support, cybersecurity, and digital transformation

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.
CyberSecurity
ITSupportPerth

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.

Most small business owners believe end-to-end encryption means their messages are completely private. A recent FBI case proves that assumption is dangerously incomplete.

5 min read
4/15/2026
What’s new in SMB1001:2026?
SMB1001
SMB10012026

What’s new in SMB1001:2026?

SMB1001:2026 updates for Perth SMBs: Mandatory DMARC from Silver tier, 5 maturity levels, Essential Eight alignment. Get certified, cut insurance costs, win tenders—start your roadmap today!

5 min read
2/25/2026
Deepfake Voice Scams: The AI Fraud Threat Perth Businesses Can't Ignore
Cybersecurity
AI

Deepfake Voice Scams: The AI Fraud Threat Perth Businesses Can't Ignore

AI can now clone a voice from seconds of audio, and businesses are losing millions to fake 'CEO' calls. Here's how deepfake scams work, why Perth SMBs are targets, and the simple process that stops them. From Computer Mechanics, Perth IT specialists since 1997.

5 min read
7/13/2026