Browsed by
Category: Azure AD Premium

Protect Azure AD Connect

Protect Azure AD Connect

Today, it is important to respect the policy of least privilege. We had the ability to configure the Active Directory connector for Azure AD Connect with user account. User account without admin right. However, the Azure AD connector still needed an Azure AD account with the Global Admin role.

Azure AD SSO Key

Azure AD SSO Key

Azure AD Seamless SSO permit to enable SSO (Single Sign On) with Azure AD/Office 365 portal. When users try to connect to portal, their computer computer is be able to carry out Kerberos authentification to pass credential via the web browser. The password is not requested from the user.

Manage external users

Manage external users

With Office 365 project, it is common to have external user access (b2b collaboration). This users may need access to a resource (sharepoint, etc.). These users usually have an Office 365 account and are therefore guest users. Nevertheless, security being an extremely important point nowadays, it is important to set up security rules.

Secure data on O365

Secure data on O365

Conditional access is a very interesting feature. It provides an additional level of security. Indeed, access to applications (sharepoint, exchange, etc.) as well as to data can only take place if the user complies with certain conditions. It is common to see conditional access activated to ensure that the MFA is activated or that compliance rules are respected. We will see a new example. I want to make sure that access to Exchange Online or Sharepoint Online from an IP…

Read More Read More

Enterprise State Roaming

Enterprise State Roaming

Windows 10 allows Azure Active Directory users to synchronize their security settings and application parameter data directly in the cloud. This reduces the time required for reconfiguration when using a new device.

Access Review PIM

Access Review PIM

The addition of users in privileged groups changes more or less regularly. It is therefore important to regularly check the privileged rights given to certain users. Azure PIM can be used to review these accesses. This operation can be done manually or automatically.

Identity Score

Identity Score

Azure AD Identity permit to secure your Azure Active Directory. The Identity score is a number between 1 and 223. He permit give an Indicator for how aligned you are with the Microsoft Best Pratice. This Best Practice is a recommandation for the security of your Azure AD, users, … The Identity score feature can be used by Global admin, security admin ou security readers. The secure score contains five categories :

Use FIDO2 key with AAD

Use FIDO2 key with AAD

It is strongly recommended that you use the MFA solution to secure authentication in Azure AD. However, this requires the use of a password and a second factor (phone, mobile phone, mobile application). Microsoft recommends to stop using password.