Tag: Azure AD

Access Review with PIM

Membership of privileged groups changes more or less regularly. It is therefore important to regularly check the privileged rights given to certain users. Azure PIM can be used to review this access. This operation can be done manually or automatically.


Identity Score

What is Identity score

Azure AD Identity helps you secure your Azure Active Directory. The Identity score is a number between 1 and 223. It gives an indicator of how aligned you are with Microsoft best practices. These best practices are recommendations for the security of your Azure AD, users, … The …


Use FIDO2 key with AAD

It is strongly recommended that you use MFA to secure authentication in Azure AD. However, this requires the use of a password and a second factor (phone, mobile phone, mobile application). Microsoft recommends that you stop using passwords.


Azure PIM

PIM (Privileged Identity Management) is a service used to manage and monitor access to privileged resources. These resources can be Azure AD resources, Azure resources or others (Office 365 or Microsoft Intune). It is important to limit the number of people with privileged access. This reduces the attack surface of a malicious …


Azure Identity Protection

Azure Active Directory Identity Protection lets you automate the detection and remediation of identity-based risks. It also lets you investigate risks using data and export risk detection data to third-party utilities.


Azure AD Passwordless

Authentication without password

Multi-factor authentication (MFA) secures access to the company’s cloud resources. With the passwordless feature in Azure AD, the password is removed and the user can access cloud resources without a password. However, they must authenticate themselves from their phone (Microsoft Authenticator app) or Windows 10 computer …


Configure Pass-through Authentication

The Pass-through Authentication

This authentication allows you to use the same password for on-premises and cloud-based applications. However, it’s important to note that user authentication is done through the on-premises Active Directory and not through Azure Active Directory. It’s a good alternative to Azure AD Password Hash Synchronization. However, it makes it easier to …


Hybrid equipment with Azure AD

For many years we have been able to join a machine to an Active Directory domain. With cloud services (Office 365, Azure AD, …), identity management has become a very important point. In Windows 10, Microsoft implemented the Azure AD Join feature (previously Workplace Join), allowing the machine to be joined to Azure AD …


Cloud APP Discovery

Cloud APP Security

Unfortunately, it is common for cloud applications (Dropbox, …) to be used in a company's departments without the IT team being aware. This can cause data loss and security problems. Cloud App Discovery is a feature included with the Premium version of Azure AD; it detects the cloud applications used by the company.


MAM Without Enrollment

Microsoft has implemented a MAM (Mobile Application Management) solution in Intune. However, this solution requires enrolling the device in the MDM (Mobile Device Management). For people who do not wish to add their equipment to an MDM platform, it is possible to create MAM rules without enrollment.
