By now, Azure AD Conditional Access should no longer be unfamiliar to anyone in IT. As a refresher, it’s Microsoft’s solution for providing a flexible, condition-based, way of controlling access to (cloud) resources.
At Microsoft Ignite 2019 last year Mark Simos, Lead Architect for the Microsoft Cybersecurity Solution Group, ran a groundbreaking session about the top ten best security practices for Azure today. In his session, he discusses the need for stronger cloud security as more computing environments moving to the cloud. This blog post covers a summary of the session and gives you an overview about the latest Azure security innovations and what’s new in Azure Security Center.
Since the dawn of time, or at least the dawn of computers, logging into our computer resources has been all about username and password. The username and password model has worked pretty well considering the simplicity of this model, but now it’s time to move on to better thought out authentication and authorization systems.
As more and more organizations move to Office 365 the challenge shifts from “How do we get into Office 365?” to “How do we manage our data within Office 365?” Keeping your organization’s data secure inside the service is a major concern for many organizations, as well as for Microsoft itself.
In Part 1, I discussed the implication of CFO fraud and how it can affect your company. It can cost a lost of money when transferred to the wrong accounts, CEOs and CFOs get fired and I won’t mention the reputational damage, which can also be substantial. I also discussed the technical part to fight this (i.e. implementing SPF, DKIM and DMARC). This can help you prevent external mail servers trying to spoof your domain and trying to impersonate your users.
When moving to Office 365 you have various options on how to handle authentication to the service. The purpose of this article is not to explain in great detail what those options are, but rather to take a look at what considerations come into play when choosing the right option for your deployment.
Microsoft’s own integrated STS in Windows Server named AD FS (Active Directory Federation Service) is still a broadly used mechanism to federate identities with Azure Active Directory. At Ignite 2018, Anand Yadav’s session BRK3226 provided some numbers and 71+ million users actively use AD FS to sign-in to Azure.
Today, Office 365 customers experienced another global outage affected by Azure AD. When did you first know that there was a problem? Were you alerted to the problem by a frustrated user trying to log into email on a Monday morning? How much productivity was lost within your organization due to the outage?
Securing your data in Office 365 can be a challenging task. The problem is that using user names and passwords as the basis of our authentication protocols is not a very successful way to run our technology.
Securing your data in Office 365 can be a challenging task. The problem is that using user names and passwords as the basis of our authentication protocols is not a very successful way to run our technology.
