| Microsoft | Azure | Office 365 |
Azure is a comprehensive set of cloud services that developers and IT professionals use to build, deploy, and manage applications through Microsoft’s global network of datacenters. Integrated tools, DevOps, and a marketplace support you in efficiently building anything from simple mobile apps to internet-scale solutions.
As organizations increasingly adopt hybrid and cloud-first strategies, managing secure access to resources has become more challenging. Ensuring that only authorized users and devices can access sensitive data, while maintaining flexibility for remote work and mobile users, requires a robust identity and access management (IAM) solution. Microsoft Entra Suite offers a set of tools designed to …
Azure Virtual Desktop (AVD) is a comprehensive desktop and app virtualization service hosted on Azure. A recent update has brought changes to the behavior of the preferred app group type, impacting how remote applications and desktops are published from the same host pool. This blog post will explore these changes, their implications, and the potential …
Or “Trust, but always verify” Today, I was confronted with the Microsoft Entra ID configuration that allows an administrator of a tenant to “trust” an external party’s Microsoft tenant when guests access resources. In the Zero Trust world, because as the security framework implies, we have zero or no trust of anything, not even our …
Just this week I made a mistake by adding an All Users group to eligibility to a PIM group and in doing so learnt a few things. Some things should have been obvious to me, but also things that are not necessarily obvious. I will take you through what I did and how you can …
Apart from companies who are “Born in the cloud” and only have cloud identities such as Microsoft Entra ID, most organizations are running hybrid identity and are syncing identity objects such as users, groups and devices from on-premises Active Directory to Entra ID. There are however, more and more companies that wish to migrate to …
I recently published an article on Application Governance. Something that is vital to understand as an Identity Administrator. Managing and securing cloud-native applications is more crucial than ever in today’s online world. Unassigned roles in Entra ID applications leaves your organization at risk. The role of Entra ID admins is more important than ever. You …
First look at Microsoft-managed Conditional Access Policies “Microsoft Managed” is a concept I was introduced to in Entra ID Authentication Methods. The idea was introduced when Microsoft were previewing a new feature. The Microsoft Managed state allows Microsoft to enable or disable the feature. This is supposed to be a convenient way to allow Microsoft …
You know it’s bad, and you have a policy to block it but are you still at risk? I recently had a fun discussion with the folks at SCI Fridays where we likened legacy authentication to letting your children go naked in public. https://www.linkedin.com/video/event/urn:li:ugcPost:6867114168898596864/ Legacy Authentication, or basic authentication as it is also known, refers …
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-admin-consent-workflow By default, in Azure Active Directory (Azure AD), users can consent to third party applications to access their organizational information – information pertaining to them from the organizational directory. Different permissions allow the application different levels of access to your users’ and your organization’s data. Some application have access to the user’s mailbox and …
Security AND accessibility at the same time I recently spoke at Microsoft Ignite: The Tour about Conditional Access in Azure Active directory and how many organisations tend to block access for their users. This post series is a review of the main takeaways from that talk. In today’s cloud-driven, software as a service productivity working …
