The Azure AD portal is sensitive – the last thing we want is for an admin to walk away from their computer and for a malicious actor to piggyback behind them. This is one of those scenarios that people think will never happen to their business – until it does!
Thankfully, there is a very useful safeguard against this: enabling a portal timeout after a certain period of inactivity, much like the very common idle-lock screensaver common in corporate IT environments.
To enable, follow this process:
1. Sign in to portal.azure.com as an admin.
2. From the portal, select the Gear icon in the toolbar menu at the top of the screen, then select Configure directory level timeout.
3. Select Enable directory level idle timeout for the Azure portal, then select the ours and/or minutes before the portal logs out automatically. In general, I would suggest an automatic logout after 15 minutes of inactivity.
4. Select Apply, and… done! Your timeout policy is now in place.