Zero Trust Network Access (ZTNA)
Are you looking for information about ZTNA of Microsoft Azure and Microsoft 365? In this archive you will find all our posts about ZTNA.
-
Passwordless Sign In with Microsoft Authenticator App
Passwordless sign in with the Microsoft Authenticator App makes sign in to Azure and Microsoft 365 cloud services more secure and convenient for the user. The typing of a password is replaced by a modern method, e.g. the Microsoft Authenticator app. Passwordless sign-in to cloud apps can be achieved using various methods: For a significant increase of identities security, the cost-effective variant with the Microsoft Authenticator App is the best choice.
-
Microsoft Entra Privileged Identity Management (PIM): Request Microsoft Entra roles or Microsoft Azure roles by User
Microsoft Entra Privileged Identity Management (PIM) optimizes the management of privileged roles to Microsoft Azure and Microsoft 365 resources. This contributes to the improvement of the security standards of cloud services. An additional feature is the Just-in-Time authorization, where a user is granted elevated privileges only for the period in which they are actually needed. This minimizes the risk of misuse and unauthorized access. This guide explains how a user can apply for a Microsoft Entra role or Microsoft Azure role for a specific period of time and how an administrator can efficiently manage this requests.
-
Microsoft Entra Privileged Identity Management (PIM): Basic Configuration
Microsoft Entra Privileged Identity Management (PIM) manages and monitors access to Microsoft Entra roles and Microsoft Azure roles. Access to Azure resources and Microsoft online services is on-demand and time-restricted.Users can request privileged roles online. An administrator can approve or deny the request afterwards. The role removes automatically after the specified duration expires. Microsoft Entra Privileged Identity Management (PIM) can minimize the following risks: This guide configures Microsoft Entra Privileged Identity Management (PIM) for Microsoft Entra roles and Microsoft Azure roles.
-
Microsoft Entra: How to Block Legacy Authentication Using Conditional Access
Protocols such as POP3, IMAP, SMTP, or MAPI rely on outdated authentication methods known as legacy authentication. These methods do not support modern security mechanisms such as multi-factor authentication (MFA), making them a preferred entry point for attackers.
-
Reviewing user registrations for multi-factor authentication
To perform a security audit, it is necessary to review the registered multi-factor authentication methods of each user in the Microsoft Tenant. This can help identify and address potential vulnerabilities before they are exploited. Additionally, this evaluation can be used to inform users of potentially more convenient MFA methods they could use instead of their current methods.
-
User guide: Enabling multi-factor authentication
Enabling Multi-Factor Authentication (MFA) significantly increases the security of user accounts when accessing Microsoft Azure and Microsoft 365 online services. The following user guide will help to set up one of the following authentication methods. Three options are available to authenticate with the second factor: