There’s a running joke in the industry that the COVID-19 pandemic has done more to drive digital transformation in organizations than any consultant, project team or CTO. While this may be a slight exaggeration, there is definitely an element of truth to it. Many organizations have historically been slow to adopt remote working practices, but the pandemic and associated lockdowns have forced organizations all over the world to change their work from home policies and accelerate the deployment of tools to support telecommuting.
Azure & Active Directory Center
ENow Software's Azure & Active Directory blog built by Microsoft MVPs for IT/Sys Admins.
One of the great features in Microsoft 365 is Azure Active Directory Application Proxy. AAD App Proxy allows you to publish internal web applications to the Internet and ensure users authenticate in a very secure way. Best of all, it can do this usually without requiring any firewall changes – all that is required is outbound Internet access from the computer running the AAD App Proxy agent.
What a difference a few weeks can make. In less than a month, a huge segment of the world’s working population has had to transition to a work from home model. For some workers and organizations this is the first time they’ve done this, and some are still scrambling to make it work. A lot of organizations have spent the last 10-20 years securing their environments to prevent external access only to find out now that they need to break down those barriers.
I still remember the first password I ever had; it was for my GeoCities account in the late ‘90s before they were purchased by Yahoo!. The password was a randomly generated string of six lowercase characters – that was it, no uppercase, numbers or special characters. I memorized it and thought it was great, no one would ever guess that random password – unlike the passwords my friends used, which were usually the name of their girlfriend or their nickname. By today’s standards though, it is clear that a lot has changed since then, and I’d be willing to bet that any decent authentication system would actually prevent you from using such a trivial password.
At Microsoft Ignite 2019 last year Mark Simos, Lead Architect for the Microsoft Cybersecurity Solution Group, ran a groundbreaking session about the top ten best security practices for Azure today. In his session, he discusses the need for stronger cloud security as more computing environments moving to the cloud. This blog post covers a summary of the session and gives you an overview about the latest Azure security innovations and what’s new in Azure Security Center.
As more and more organizations move to Office 365 the challenge shifts from “How do we get into Office 365?” to “How do we manage our data within Office 365?” Keeping your organization’s data secure inside the service is a major concern for many organizations, as well as for Microsoft itself.
In Part 1, I discussed the implication of CFO fraud and how it can affect your company. It can cost a lost of money when transferred to the wrong accounts, CEOs and CFOs get fired and I won’t mention the reputational damage, which can also be substantial. I also discussed the technical part to fight this (i.e. implementing SPF, DKIM and DMARC). This can help you prevent external mail servers trying to spoof your domain and trying to impersonate your users.
Microsoft’s own integrated STS in Windows Server named AD FS (Active Directory Federation Service) is still a broadly used mechanism to federate identities with Azure Active Directory. At Ignite 2018, Anand Yadav’s session BRK3226 provided some numbers and 71+ million users actively use AD FS to sign-in to Azure.
Want to learn more about Active Directory?
Active Directory Administration Cookbook, 2nd Edition
In this book, Microsoft MVP & Technical Editor of ENow's Azure & Active Directory Center, Sander Berkouwer will share the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration in the cloud and on Windows Server 2022.