Identity as the core of enterprise mobility

Transcription:

The current reality

Identity as the core of enterprise mobility: Azure Active Directory as the control plane
Diagram labels: Windows Server Active Directory, Customers, Partners, Other directories, Self-service, Single sign-on, Azure, SaaS, Simple connection, Public cloud, On-premises, Microsoft Azure Active Directory, Cloud

1000s OF APPS, 1 IDENTITY: More options than ever!
Identity Synchronization + Password Hash Synchronization + Seamless SSO
Identity Synchronization + ADFS
Identity Synchronization + Pass-through Authentication + Seamless SSO
Diagram labels: User, Microsoft Azure Active Directory, Seamless SSO, ADFS, Identity synchronization, Identity + Password Hash synchronization, Pass-through Authentication

1000s OF APPS, 1 IDENTITY: How it works
Diagram labels: User, Microsoft Azure Active Directory Security Token Service, Contoso Corpnet, Connector, DC
1. User name and password
2. Connector notified of request
3. Connector validates the credentials against AD
4. DC returns result
5. Connector returns result
6. Token returned to the user or further proofs (MFA) are initiated

1000s OF APPS, 1 IDENTITY: How seamless SSO works with Pass-through authentication and Password hash synchronisation
Diagram labels: User, Microsoft Azure Active Directory Security Token Service, Contoso Corpnet, AD
1. User enters their username
2. 401 response to get a Kerberos ticket
3. User requests a Kerberos ticket
4. AD returns Kerberos ticket
5. User sends ticket to the Azure AD STS
6. Token returned to the user or further proofs (MFA) are initiated

Azure Active Directory: Azure AD Connect; B2B collaboration; Provisioning-Deprovisioning; Conditional Access; SSO to SaaS; Self-Service capabilities; Connect Health; Multi-Factor Authentication; Addition of custom cloud apps; O365 Group Expiration; Dynamic Groups; Identity Protection; Remote Access to on-premises apps; Azure AD B2C; Group-Based Licensing; Privileged Identity Management; Microsoft Authenticator - Password-less Access; Azure AD Join; MDM-auto enrollment / Enterprise State Roaming; Security Reporting; Azure AD DS; Access Panel/MyApps; HR App Integration; Governance

CLOUD-POWERED PROTECTION: Because "Who are you?" is not enough
Conditions: User, App sensitivity, Device state, Location, Risk
Actions: Allow access or Enforce MFA per user/per app; Block access

Azure AD Reporting
Inputs to the Microsoft machine-learning engine: Infected devices, Brute force attacks, Configuration vulnerabilities, Leaked credentials, Suspicious sign-in activities
Activity: Sign-in activities, Audit logs
Security: Risky sign-ins, Users flagged for risk
Outputs: Notifications, Reporting Solutions, Data Extracts/Downloads, Reporting APIs
Apply Microsoft learnings to your existing security tools

Azure AD: Machine learning + secret sauce
Azure AD Premium provides more reports and more data available to perform investigations

Azure AD: Assigning licenses, the easy way
Licenses can be assigned using any security group, cloud or synced from AD.
All Microsoft Online Services that require user-level licensing are supported.
Individual SKUs can be disabled, e.g. Office 365 except Skype.
Dynamic Groups can be used, for example:
DG-O365-GBL: CustomAttribute10 contains O365 -> O365E3 License
DG-EMS-GBL: CustomAttribute10 contains EMS -> EMSE3 License
User1: CustomAttribute10 = EMS;O365
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-licensing-group-migration-azure-portal
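The two dynamic-group rules above pack several markers into one attribute, so it is worth checking who a "contains" rule actually licenses. The following is an added example, not code from the presentation or from Azure AD: it simulates the rules offline, assumes "contains" behaves as a plain substring test on the attribute value, and uses constructed users (only User1 is from the slide) to show a value that picks up a license unintentionally.

```python
# Added example: offline simulation of the slide's two dynamic-group rules.
# Assumption: "contains" is a substring test on the whole attribute value.

RULES = [  # (group, marker looked for in CustomAttribute10, license granted)
    ("DG-O365-GBL", "O365", "O365E3"),
    ("DG-EMS-GBL", "EMS", "EMSE3"),
]

def groups_substring(attr):
    """Group membership when 'contains' is a plain substring match."""
    return {g for g, marker, _ in RULES if marker in (attr or "")}

def groups_token(attr, sep=";"):
    """Stricter check: split on the separator and compare whole tokens."""
    tokens = {t.strip() for t in (attr or "").split(sep) if t.strip()}
    return {g for g, marker, _ in RULES if marker in tokens}

def licenses(groups):
    """Licenses inherited from the given set of groups, sorted by name."""
    return sorted(lic for g, _, lic in RULES if g in groups)

def over_assigned(users):
    """Users licensed by substring matching but not by whole-token matching."""
    report = {}
    for name, attr in users.items():
        extra = set(licenses(groups_substring(attr))) - set(licenses(groups_token(attr)))
        if extra:
            report[name] = sorted(extra)
    return report

USERS = {
    "User1": "EMS;O365",  # from the slide
    "User2": "O365",      # constructed
    "User3": "SYSTEMS",   # constructed: happens to contain "EMS"
    "User4": None,        # constructed: attribute not set
}

if __name__ == "__main__":
    for name, attr in USERS.items():
        print(name, repr(attr), licenses(groups_substring(attr)))
    print("over-assigned:", over_assigned(USERS))
```

Running a comparison like this against an export of the attribute before enabling group-based licensing shows which accounts would receive a license they were never meant to have.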

The process

Azure AD: Spring cleaning time!
O365 Groups have been really popular; however, with no control, their numbers can grow quickly. AADP now allows you to configure an O365 Group expiration policy.

MANAGE ACCESS AT SCALE
Monitor and gain insights into the identity infrastructure used to extend on-premises identities to Azure Active Directory and Office 365.
Monitor:
The Azure AD Connect sync engine health
ADFS infrastructure health
On-premises AD Domain Services health

Azure Active Directory Connect Health Portal