Skip to main content

Decommission WAM servers

Implementation Effort: Medium – IT teams must manage targeted tasks to safely retire servers, ensuring no residual dependencies remain post-migration. User Impact: Low – Decommissioning is purely administrative and backend; no action or notification required for users.

Overview

Decommissioning Web Access Management (WAM) servers after applications have migrated to Microsoft Entra ID involves shutting down legacy infrastructure that previously managed authentication. Completing this step reinforces the Zero Trust principle of "Assume breach" by removing outdated systems that threat actors might exploit due to their weaker security posture. Additionally, it supports operational efficiency by reducing complexity and maintenance overhead. Not performing this step can leave unnecessary legacy infrastructure active, creating potential vulnerabilities and resource waste.

Reference