Azure & Active Directory Center

My email address is my identity

In Active Directory on-premises or Azure Active Directory (AAD), used by Office 365, our User Principal Name (UPN) is often the same as our email address. These days, we often log in with our email addresses, which means that whatever we’re “using under the hood” from an authentication point of view is the same as our email address. This convention of making our email address the same as our UPN is common practice and even advocated by Microsoft.

Thanks for all the phish..

There’s a running joke in the industry at the moment that the COVID-19 pandemic has done more to drive digital transformation in organizations than any consultant, project team or CTO! While this may be a slight exaggeration, there is definitely an element of truth to it. Many organizations have historically been slow to adopt remote working practices, but the pandemic and associated lockdowns have forced organizations all over the world to change their work from home policies and accelerate the deployment of tools to support telecommuting. In fact, Microsoft recently reported a staggering increase of more than 30 million Teams users in a single month. Even more surprising is that these same organizations who were once against it are now seeing the productivity benefits and opportunity for cost-reduction and may never go back to the old ‘open-plan office’ way of working again.

Administrative Units Management in Azure Active Directory

Since writing this blog post in May 2018 about administrative units, some things have finally been changed. As this feature is still in preview, it can now be managed in the Azure portal and with Microsoft Graph. But before we go into more detail, let's do a quick heads-up what administrative units are used for. 

One of the great features in Microsoft 365 is Azure Active Directory Application Proxy. AAD App Proxy allows you to publish internal web applications to the Internet and ensure users authenticate in a very secure way. Best of all, it can do this usually without requiring any firewall changes – all that is required is outbound Internet access from the computer running the AAD App Proxy agent.

What a difference a few weeks can make. In less than a month, a huge segment of the world’s working population has had to transition to a work from home model. For some workers and organizations this is the first time they’ve done this, and some are still scrambling to make it work. A lot of organizations have spent the last 10-20 years securing their environments to prevent external access only to find out now that they need to break down those barriers.

Are you supporting a new remote workforce? The past several weeks has seen large organizations like Microsoft mobilize 50,000 of their Seattle-based employees to work from home in response to growing health concerns.

I still remember the first password I ever had; it was for my GeoCities account in the late ‘90s before they were purchased by Yahoo!. The password was a randomly generated string of six lowercase characters – that was it, no uppercase, numbers or special characters. I memorized it and thought it was great, no one would ever guess that random password – unlike the passwords my friends used, which were usually the name of their girlfriend or their nickname. By today’s standards though, it is clear that a lot has changed since then, and I’d be willing to bet that any decent authentication system would actually prevent you from using such a trivial password.

Introduction

By now, Azure AD Conditional Access should no longer be unfamiliar to anyone in IT. As a refresher, it’s Microsoft’s solution for providing a flexible, condition-based, way of controlling access to (cloud) resources.

At Microsoft Ignite 2019 last year Mark Simos, Lead Architect for the Microsoft Cybersecurity Solution Group, ran a groundbreaking session about the top ten best security practices for Azure today. In his session, he discusses the need for stronger cloud security as more computing environments moving to the cloud. This blog post covers a summary of the session and gives you an overview about the latest Azure security innovations and what’s new in Azure Security Center.