Conditional Access policies in Azure AD allow organizations to enforce granular access controls based on user identity, device compliance, location, and risk level. When an employee leaves, these policies can automatically restrict access to sensitive applications and data, reducing the risk of unauthorized use. For example, access can be blocked if the user tries to connect from an unmanaged device or unusual geographic location. This intelligent access management provides an additional layer of security during offboarding, ensuring that sensitive information is accessible only under trusted conditions.how to prevent data leaks when staff leave