Freshly brewed with Microsoft Azure and Microsoft 365

Tag: Conditional Access Page 1 of 3

Are you looking for information about Azure AD Conditional Access? In this archive you will find all our posts about Azure AD Conditional Access.

Microsoft Entra ID Protection: Protect Identities, Detect Risks and Mitigate Threats

In today’s digital world, protecting our identity is crucial. The threats we face online are becoming increasingly sophisticated and refined, making the security of our identity a central challenge. Microsoft Entra ID Protection offers a robust solution to address these challenges.

Microsoft Entra ID: Revoke user access in an emergency

At a time when digital security is becoming increasingly important, managing user access is a crucial factor in protecting sensitive data and resources. Microsoft Entra provides companies with powerful tools to control and monitor access to critical information and systems. Especially in critical situations, such as compromised user accounts or employee departures, it is essential to quickly and securely revoke access to minimize potential security risks.

Switch from per-user MFA to MFA with Microsoft Entra Conditional Access

Setting up multi-factor authentication (MFA) per user significantly enhances the security of a Microsoft tenant and is now the standard practice for every administrator. With per-user MFA, the user must complete multi-factor authentication at each sign-in. However, this can frustrate legitimate users whose workflows are disrupted by frequent MFA prompts. To achieve a better user experience while balancing security and usability, it is recommended to switch to MFA using Microsoft Entra Conditional Access.

Microsoft Entra Conditional Access: Block Authentication Flows

Microsoft Entra Conditional Access for authentication flows regulates the use of the device code flow and authentication transfer. The device code flow is used to authenticate devices that do not have a browser or whose input is restricted, such as smart TVs, IoT devices, or printers. It is a high-risk authentication flow that could be exploited in phishing attacks or to gain access to corporate resources on unmanaged devices. Authentication transfer is a new flow that provides a seamless way to transfer the authenticated state from one device to another. In the desktop version of Outlook, users might be presented with a QR code. When they scan it on their mobile device, their authenticated state is transferred to the mobile device.

Microsoft Entra Privileged Identity Management (PIM) and FIDO2: Increasing the security of privileged roles

Privileged roles and permissions in Microsoft Entra ID allow you to manage all aspects of Microsoft Azure and Microsoft 365. To make phishing and other attacks more difficult, a secure password for privileged Microsoft Entra roles is no longer enough. Phishing-resistant multi-factor authentication, such as the FIDO2 protocol on a security key in combination with Microsoft Entra Privileged Identity Management (PIM), significantly increases security for the Microsoft tenant and convenience for the user.
