Conditional Access
Are you looking for information about Azure AD Conditional Access? In this archive you will find all our posts about Azure AD Conditional Access.
-
Microsoft Entra Privileged Identity Management (PIM) and FIDO2: Increasing the security of privileged roles
Privileged roles and permissions in Microsoft Entra ID allow you to manage all aspects of Microsoft Azure and Microsoft 365. To make phishing and other attacks more difficult, a secure password for privileged Microsoft Entra roles is no longer enough. Phishing-resistant multi-factor-authentication, such as FIDO2 protocol on a security key in combination with Microsoft Entra Privileged Identity Management (PIM), significantly increases security for the Microsoft Tenant and convenience for the user.
-
Microsoft Entra Internet Access: Protect Users with Powerful Web Content Filtering
Microsoft Entra Internet Access is a cloud-delivered solution that secures access to web content. It protects users, devices, and data from internet threats. This solution is part of Microsoft’s Security Service Edge (SSE), which also includes Microsoft Entra Private Access. This solution is based on the core principles of Zero Trust Network Access (ZTNA), which aims to apply the principle of minimal rights, explicit verification and assumption of an attack. Microsoft Entra Internet Access implements adaptive access controls, simplifies network security, and enables a consistent user experience, regardless of location. Microsoft delivers the solution over the Microsoft Wide Area Network, which covers more than 140 countries and 190 network edge…
-
Secure Emergency Access: Create and Manage Microsoft Entra Emergency Accounts with YubiKey (FIDO2)
A Microsoft Entra emergency access account, also known as a “Break Glass Account”, is a special account set up for accessing Azure resources in emergency situations. This account typically has higher permissions and is only used when conventional access routes are not available. This could be, for example, a service outage, so that no multi-factor authentication can be performed via a mobile phone. The use of emergency accounts is strictly controlled, monitored, and restricted.
-
Microsoft Entra Private Access: Secure Access to Internal Resources and Cloud Services without VPN
Microsoft Entra Private Access enables identity-based access to private enterprise applications and resources located on premises and in the cloud, without relying on traditional VPN connections. Access control is provided by Microsoft Entra ID, which enforces Zero Trust principles based on contextual signals. As a component of Microsoft Entra Global Secure Access, the service delivers location independent network access. Microsoft Entra ID evaluates identity, device status and applicable policies to determine access. This article describes how to configure Microsoft Entra Private Access, starting with service activation and Quick Access configuration through to the installation of the Global Secure Access client. Validation of the setup is performed using name resolution and…
-
Microsoft Entra: How to Block Legacy Authentication Using Conditional Access
Protocols such as POP3, IMAP, SMTP, or MAPI rely on outdated authentication methods known as legacy authentication. These methods do not support modern security mechanisms such as multi-factor authentication (MFA), making them a preferred entry point for attackers.