Have you ever wondered, where your users are actually are login in to the cloud services? Azure AD provides useful information for sign-in logs which can be imported to PowerBI to get more visual expression for your end-users logins.
I simulated scenario where I was performing login from unfamiliar ip-address (suspicious activity) with Azure AD P2 and Identity Protection (IDP). When IDP notifies sign-in risk, Multi-factor authentication is required to grant access to cloud resources in my simulated scenario. This of course depends about the policies what the action will be.
In Identity Protection we can see that I have four (4) medium risks
Simulated logins came from different parts of the world around same time.
In Azure AD there is possibility to integrate sign-ins to Power BI to get visual view from login data, note the failures.
After fetching data to Power BI you get visual expression from same data which further be analyzed and share insights.
One side note is that for some reason Power BI shows Liberia in interesting position on the globe.
I highly recommend to integrate Azure AD sign-in data to Power BI to get more out of your data. Extremely useful for further analysis and in security analysis. Worth to mention is that Power BI data is located at same location where you other O365 services are, at least in tenants I have been working on.