Efficiency
Are you looking for information about efficiency in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about efficiency.
-
Intelligent Local Access in Microsoft Entra Global Secure Access
Intelligent Local Access (ILA) addresses a core limitation of Microsoft Entra Global Secure Access: ensuring that local network traffic is handled locally. By default, Microsoft Entra Global Secure Access forwards traffic based on configured traffic forwarding profiles through the cloud-based Security Service Edge (SSE), even when the destination resides within the local network. This approach guarantees that security policies and access controls are enforced consistently at all times. As a result, local resources such as file shares or applications are routed through the cloud-based Security Service Edge (SSE), despite a direct local connection being available. The extended network path introduces additional latency and negatively impacts overall access performance.
-
Microsoft Entra Access Reviews: Governance for User and Guest Access
In Microsoft Entra ID, user and guest access evolves incrementally over time, for example as a result of role changes, project assignments or temporary external collaboration. Access rights that are granted once often remain in place, even when the original business or organizational requirement no longer exists. As a result, common countermeasures such as manual access reviews, follow-ups with group owners or occasional spot checks provide only limited, point-in-time transparency and do not enable a consistent and regular review of access. Decisions are often not documented consistently and are therefore difficult to audit retrospectively.
-
WatchTra: Automated Attribute Compliance for Microsoft Entra ID
In many Microsoft Entra ID environments, the quality of user attributes remains an often underestimated factor in security and governance. WatchTra enhances attribute compliance in Microsoft Entra ID and ensures consistent identity data across the organization. In practice, attributes frequently contain inconsistent spellings or values, for example, “Switzerland” instead of “Swiss” or “IT” instead of “Information Technology”, as well as missing or outdated entries. Such discrepancies can result in incorrect dynamic group memberships, inaccurate reporting or incomplete policy enforcement.However, a consistent validation of these attributes against organization-wide standards is rarely implemented in real-world environments.
-
Disable Entra Connect Seamless SSO – Step-by-Step Guide
Seamless Single Sign-On (Seamless SSO) is an optional feature in Microsoft Entra Connect that enables domain-joined Windows devices on the internal network to automatically sign in to Microsoft Entra ID without requiring users to re-enter their credentials. Seamless SSO extends Active Directory by providing a single sign-on mechanism for cloud services such as Microsoft 365 and connected SaaS applications. During configuration, Active Directory uses the Kerberos authentication protocol and creates a dedicated computer account named AZUREADSSOACC in the on-premises directory. This account links the local identity to Entra ID and is used exclusively for seamless SSO operations.
-
Microsoft Entra Connect: Migration to Application Based Authentication (ABA)
With the introduction of Application Based Authentication (ABA), Microsoft introduces modern authentication mechanisms to Microsoft Entra Connect. Previously, the synchronization service used a service account with a locally stored password to sign in to Microsoft Entra ID, an approach considered outdated and potentially vulnerable from a security perspective.