Microsoft Tenant Hardening
Are you looking for information about Microsoft Tenant Hardening? In this archive you will find all our posts about Microsoft Tenant Hardening.
-
Microsoft Entra Privileged Identity Management (PIM): Basic Configuration
Microsoft Entra Privileged Identity Management (PIM) manages and monitors access to Microsoft Entra roles and Microsoft Azure roles. Access to Azure resources and Microsoft online services is on-demand and time-restricted. Users can request privileged roles online. An administrator can then approve or deny the request. The role is removed automatically after the specified duration expires. Microsoft Entra Privileged Identity Management (PIM) can minimize the following risks: This guide configures Microsoft Entra Privileged Identity Management (PIM) for Microsoft Entra roles and Microsoft Azure roles.
-
Protect user accounts with Microsoft Entra Smart Lockout
Microsoft Entra Smart Lockout is a service that monitors all logins to Microsoft Entra ID. Using various mechanisms, Microsoft Entra Smart Lockout detects an attack on user accounts and locks them out. Among other things, it detects attempts to guess users' passwords and brute-force attacks. After 10 failed attempts, Microsoft Entra Smart Lockout locks the account for 1 minute. You can adjust these default values to your own needs.
-
Phishing protection for app registration
Phishing attacks on users are rising. There are countless possibilities for phishing attacks. One of them attempts to gain unauthorized access to the data via the app registration. If the attack is successful, a password change will not lock the attacker out again. Multi-factor authentication does not offer protection either, because the attacker's app is already authorized to access the data. It's time to restrict app registration and thus increase security against phishing.
-
Enable Microsoft Entra self-service password reset (SSPR)
Microsoft Entra self-service password reset (SSPR) allows users to change or reset their password on their own. It does not require support from the helpdesk. To allow the user to change or reset the password, the following authentication methods are available for Microsoft Entra self-service password reset (SSPR):
-
Microsoft Entra: How to Block Legacy Authentication Using Conditional Access
Protocols such as POP3, IMAP, SMTP, or MAPI rely on outdated authentication methods known as legacy authentication. These methods do not support modern security mechanisms such as multi-factor authentication (MFA), making them a preferred entry point for attackers.