Phew, another article about Conditional Access. That’s right, there a quite a few already. Fortunately, this topic never gets old. Here’s why: In the cloud there are no traditional network perimeters anymore. On-prem appliances are rendered useless as cloud services can be accessed world-wide. All you need is a valid set of credentials to sign-in….
Tag: Azure Active Directory
Getting started with Azure AD Administrative Units
Azure AD always had a big advanced over on-premises Active Directory: a very granular RBAC approach when it come to administration. However, there is also a downside – roles can only be applied globally without a limited scope. This has changed now. Being in a PowerShell based preview for quite some time, Azure AD Administrative…
Azure AD Security Defaults – one click and done?
Security in the Microsoft world has never been an on/off switch. Looking back at Windows and especially Active Directory there have always been multiple steps that had to be considered. With the cloud and Azure AD, some companies used the possibility not to start with the same mistakes that were made in the past. Unfortunately,…
Going passwordless with Azure Active Directory – part 2
The passwordless story is not over. A while back, I summarized the possibilites we have to reduce the usage of passwords with Azure AD. You can find this post here: https://chrisonsecurity.net/2019/07/28/going-passwordless-with-azure-active-directory/ This topic will become more and more important in the future, so I decided to to a follow up to cover some additional things….
From the field: forced password reset in Azure AD Identity Protection
Azure AD Identity Protection is one of the most sophisticated features in Azure Active Directory (Premium P2). Based on Microsoft’s Intelligent Security Graph it detects users and sign-ins at risk and responds at a level you select. If you have the required licenses it should be part of every cloud security baseline. It features different…