Decommission WAM servers
Implementation Effort: Medium – IT teams must manage targeted tasks to safely retire servers, ensuring no residual dependencies remain post-migration. User Impact: Low – Decommissioning is purely administrative and backend; no action or notification required for users.
Overview
Decommissioning Web Access Management (WAM) servers after applications have migrated to Microsoft Entra ID involves shutting down legacy infrastructure that previously managed authentication. Completing this step reinforces the Zero Trust principle of "Assume breach" by removing outdated systems that threat actors might exploit due to their weaker security posture. Additionally, it supports operational efficiency by reducing complexity and maintenance overhead. Not performing this step can leave unnecessary legacy infrastructure active, creating potential vulnerabilities and resource waste.