Category: Identity

Temporary Access Pass what and the how

What is Azure Temporary Access Pass? Passwordless authentication methods, such as FIDO2 and Passwordless Phone Sign-in through the Microsoft Authenticator app, enable users to sign in securely without a password. Users can bootstrap Passwordless methods in one of two ways:…

Continue Reading Temporary Access Pass what and the how

Whats new with conditional access and Microsoft authenticator

Conditional access has some new cool features that will provide extra security for your user logins. In this post I will cover some of them. Will be digging deeper on these as they evolve but for now it’s important for…

Continue Reading Whats new with conditional access and Microsoft authenticator

Azure SQL Database pricing and security features

What is Azure SQL Azure SQL databases are coming more and more used. They can be expanded on the go with elastic pools or you can use them inside servers like inside on-premises installations. You can have multiple SQL services…

Continue Reading Azure SQL Database pricing and security features

Access reviews for External Guest users

Access reviews let’s an external users or an internal users to verify the access of a user. Access reviews honors a time frame set but the minimum time that the reviews will be automatically ran is 1 day. The other…

Continue Reading Access reviews for External Guest users

Hybrid identity and how to protect your users?

Hybrid identity in a trendy way to distribute your identity across cloud services. Identity has always been an important part in user interactions with services. It’s your unique identifier in the directory that you belong to. This theme can also…

Continue Reading Hybrid identity and how to protect your users?

Three tiers of protection explained with use cases

The above picture is from the CISSP material and domain 3 that talks about Security Architecture and Engineering but it could be from Microsoft material also. So what are the three layers of protection? At a high level Microsoft has…

Continue Reading Three tiers of protection explained with use cases

Azure AD guest users and how to manage them?

Well this is true for the digital society. Before it was your passwords you had to keep safe. Now the password doesn’t make a huge difference as it should be only the first stage of sign-in process and second would…

Continue Reading Azure AD guest users and how to manage them?

AAD Identity protection and Hybrid Identity

In the past years Microsoft made some excellent improvements for securing the Identity. One of these features was Azure AD Identity Protection and it’s proxy version to allow your policies to flow inside on-premises AD. It uses the same kinda…

Continue Reading AAD Identity protection and Hybrid Identity

Continuous Access Evaluation and working with tokens

Access, ID, and SAML2 ID tokens are JSON web tokens (JWT). These ID tokens consist of a header, payload, and signature. The header and signature are used to verify the authenticity of the token, while the payload contains the information about…

Continue Reading Continuous Access Evaluation and working with tokens

Defender for Identity deep dive part 1 of 3

I decided to do a deep dive on Defender for Identity and this is part 1 of that series. What is (was) Defender for Identity? Defender ATP was before called Azure Advanced Threat Protection (Azure ATP) and Defender for Identity…

Continue Reading Defender for Identity deep dive part 1 of 3