Microsoft Entra Private Access gives users secure access to the internal network and cloud-based services from anywhere in the world. Setting up and maintaining (complex) VPN connections is now a thing of the past. Microsoft Entra Private Access is part of Microsoft Global Secure Access, which includes a range of identity and network access security products. The service is based on the SASE framework (Secure Access Service Edge), which combines WAN functions and zero-trust network access (ZTNA) in a cloud-based platform.
Tag: Microsoft Intune
Windows LAPS (Local Administrator Password Solution) provides centralized, simple and secure management of local administrator passwords in Microsoft Intune. Each device receives its own temporary administrator password. Windows LAPS automatically manages the administrator passwords in terms of expiration and rotation. Local administrator passwords are stored in either Azure Active Directory or local Active Directory.
Windows LAPS thus offers stronger protection against, for example, pass-the-hash and lateral traversal attacks.
Finding the right blade in the Microsoft portal can be time-consuming and complicated. cmd.ms is a Microsoft Cloud command line for the browser. It can be used to open specific portals and blades such as conditional access, MFA (multi-factor authentication), quarantined emails and many more directly from the browser address bar.
Microsoft Entra Privileged Identity Management (PIM) manages and monitors access to Azure roles. Access to Azure resources and Microsoft online services is on-demand and time-restricted.
Users can request privileged roles online. An administrator can then approve or deny the request. The role is removed automatically once the specified duration expires.
Microsoft Entra Privileged Identity Management (PIM) can minimize the following risks:
- The number of users holding privileged roles, and the duration of their authorization, are reduced to a minimum
- Users are better protected against accidental compromise of sensitive data (no unnecessary privileged roles when they are not needed)
- Attackers do not get privileged access
This guide configures Microsoft Entra Privileged Identity Management (PIM) for Azure AD and Azure Roles.