Crash course in Azure Active Directory


Competing today requires a focus on digital transformation and empowering everyone to be creative and work together securely. To create a modern workplace, you must provide seamless access to the tools and data people need, wherever they are, on whichever device they choose. To help keep your modern workplace secure, you need to protect your data effectively as it traverses many applications and locations.

A modern approach to identity and access management (IAM) can help you enable this transformation for a modern workplace. At its core is the adoption of Azure Active Directory (Azure AD) to establish one, unified identity, and provide an easy way to centralise authentication for many types of applications and services. By adopting Azure AD, you can provide effortless user experiences, unlock IT efficiencies and enhance security and compliance.

Once you've established one unified identity, your users can focus on innovation and work effectively on teams of all sizes. At the same time, Azure AD integrates once-disparate identity management tasks for IT simplicity and supports intelligent security. In this e-book, we'll take you on a quick tour of what you can accomplish with Azure AD and how to use it to its full potential.

What is Azure AD?

Azure AD is Microsoft's cloud-based directory and identity management service. It combines core directory services, advanced identity protection and application access management. Azure AD delivers single sign-on (SSO) access to on-premises and cloud applications, helping users to stay productive. By using Azure AD, developers can quickly integrate IAM into their applications. The solution provides a full range of modern IAM capabilities, including conditional access with multi-factor authentication (MFA) and password-free login options, single sign-on, self-service password management, role-based access control and intelligent security monitoring and alerting capabilities.

As it is hosted as a fully managed cloud service, Azure AD is the ideal service for combining user accounts into a single, unified, highly secure identity. It employs the same Active Directory technology used by thousands of businesses around the world, supporting seamless synchronisation from on-premises identity servers yet with the accessibility and cross-platform capabilities of the cloud. It includes solutions for authenticating users for software-as-a-service (SaaS), on-premises, web and mobile applications using a unified identity. That identity also simplifies the process of monitoring and controlling application access, because all authentications flow through a single system. To maximise the value of Azure AD, the one-identity-per-user model should be prioritised.

01. Improve the user experience

Save time and improve productivity with single sign-on

Workers use a variety of applications throughout the day. Managing passwords and logging in over and over again slows people down. Azure AD single sign-on (SSO) extends on-premises AD to the cloud, so people can use their primary corporate identity to sign in to domain-joined devices, company resources, and web and software-as-a-service (SaaS) applications. This frees users from the burden of managing multiple logins and enables organisations to provide or revoke access based on employee role.

Azure AD manages the user lifecycle dynamically, integrating with Human Resources controls to provide automatic access to the apps users need based on team and role. As users join, move and leave, access adapts based on preset policies. Using Azure AD SSO, you can manage user access to SaaS applications directly from the Azure Portal, and even delegate application access decision making and approvals to anyone in the organisation for greater productivity. Built-in monitoring and reporting of user activity will help your organisation identify and mitigate unauthorised access.

Use password-free login for security and ease

Keeping track of passwords can be a major headache for users, leading them to write credentials down in non-encrypted formats and opening the door to security breaches. Azure AD provides password-free login options that make authenticating easier for users and more secure for businesses. For example, by using the Microsoft Authenticator app, employees can sign in by getting a notification on their phone. On a domain-joined Windows 10 device, where IT has integrated a device with Azure AD, Windows Hello can unlock both the device and apps by recognising a PIN, smart card or biometrics such as a fingerprint or face.

Simplify password management with Azure AD self-service password reset

Your IT department should be able to prioritise strategic and mission-critical work, rather than spending time resetting passwords. With Azure AD self-service password reset (SSPR), you can enable users to change their passwords and unlock their accounts without calling the helpdesk. It is a full-featured solution, enabling authentication by text message, phone call, email or security questions.

Give users a consistent experience by adding your corporate branding

Apply your company's look and feel to your Azure AD sign-in page, which appears when users sign in to applications that use Azure AD as an identity provider. This option can be configured in the Azure AD admin centre.

02. Connect your on-premises and cloud applications in one ecosystem

Integrate on-premises directories with Azure AD Connect

If you use Active Directory on premises, you can easily benefit from Azure AD by synchronising the two using Azure AD Connect. By providing a single, common identity to access both cloud and on-premises resources, you can improve the user experience, support productivity and enable advanced security capabilities. Azure AD Connect can work with Active Directory Federation Services (AD FS) to address complex deployment scenarios such as domain-joined SSO.

Azure AD Connect also includes Azure AD Connect Health to help you monitor and report on your hybrid directory environment. This helps you ensure that users can reliably access all the resources they need using a simple Azure AD Connect Health agent.

Enable easy remote access using AD Application Proxy

When you empower your employees to work on their own devices with access to on-premises applications from anywhere, you can significantly improve productivity. Some traditional access methods for remote workers such as virtual private networks (VPNs) and demilitarised zones (DMZs) can be complex and challenging to secure and manage. Azure AD Application Proxy enables SSO and secure remote access for on-premises web applications such as SharePoint sites, Outlook Web Access on Exchange Server or other line-of-business applications. Users can access on-premises and cloud applications using one identity, and there's no need to change network infrastructure or employ VPN.

Engage more effectively with Azure B2B collaboration

Employees aren't the only people who need secure access to your application ecosystem. You may also need to connect with vendors, partners, subsidiaries or other external entities. Using Azure AD B2B collaboration, you can give guest users single sign-on access to applications of your choice, with powerful authentication policies managed by Azure AD.

03. Secure identities more effectively

Improve security with Azure AD Conditional Access and MFA

In a world of growing cyber threats, passwords aren't enough to protect sensitive information, but you don't want to compromise productivity either. Azure AD Conditional Access simplifies multi-factor authentication so that it is only required when conditions represent risk. Conditional Access provides a risk score based on multiple criteria about the user, device, and location that is being used to sign on to determine if MFA, password reset, or limited functionality in the app is appropriate.

Azure MFA enables you to add device-based or biometric security while giving users a streamlined sign-in process. You can use phone calls, text messages or app-based verification as the secondary authentication method.

Detect and mitigate breaches with Azure AD Identity Protection

If an attacker steals a user's identity, even one with minimal privileges, they may still be able to gain access to critical systems and data. Azure AD Identity Protection helps you detect identity vulnerabilities, investigate and mitigate suspicious access, and configure automated responses to potential identity breaches. With Azure AD Identity Protection, you can protect all identities regardless of their privilege level and proactively prevent compromised identities from being abused.

The solution uses adaptive machine learning algorithms and heuristics to detect anomalies and suspicious incidents that indicate potentially compromised identities. Using this data, Identity Protection generates reports and alerts that enable you to evaluate the detected issues and take appropriate mitigation or remediation actions. You can also configure automated responses to potential identity breaches, including automatic blocking or remediation actions such as password resets and multi-factor authentication enforcement.

Delegate application controls safely using Azure AD Privileged Identity Management

Users may need privileged access to administrative controls for a variety of reasons. However, dormant or rarely used account privileges can linger unseen and enable access beyond what individuals need, which creates a security risk. Azure AD Privileged Identity Management (Azure AD PIM) enables you to provide granular access privileges to Azure AD resources and other Microsoft Online services on a temporary, as-needed or on-request basis, as well as manage, control and monitor those privileges to prevent problems.

Free trial for Azure AD: Discover the benefits of cloud-based identity

The best way to experience the power of Azure AD is to try it yourself. Start your free trial now.

Microsoft Corporation. All rights reserved. Microsoft Windows, Windows Vista and other product names are or may be registered trademarks in the US and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this document. As Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this document.