Category: IAM

AZ-500 Study guide – Section 3 – Manage identity and access – Manage Microsoft Entra authorization

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 03/06/2025
Posted in Azure, Entra ID, IAM, Identity, Security, Study guide

Configure Azure Role Permissions for Management Groups, Subscriptions, Resource Groups, and Resources Key Concepts Here’s a comparison table between Microsoft Entra ID roles (formerly Azure AD roles) and Azure roles (RBAC). These operate in different scopes: Entra roles manage identity…

Continue Reading AZ-500 Study guide – Section 3 – Manage identity and access – Manage Microsoft Entra authorization

🛡️ Smarter Access Control in Microsoft Entra ID

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 25/05/2025
Posted in Azure, Conditional access, Entra ID, IAM, Identity, Microsoft Graph, Security

Identity is the new security perimeter—and Conditional Access is one of the most critical tools enterprises have to enforce modern, adaptive access control. In recent months, Microsoft has introduced powerful new enhancements to Microsoft Entra ID, further improving how organizations…

Continue Reading 🛡️ Smarter Access Control in Microsoft Entra ID

SCIMming with PIM for Groups

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 02/04/2024
Posted in Azure, Entra ID, IAM, Identity, Microsoft Graph, PIM, Security

The process of creating Groups for PIM is super easy. Let’s go through it. History Before you had to assign roles to a particular user and they raised their permissions. Then you added the same role to another person and…

Continue Reading SCIMming with PIM for Groups

My tenant has Security defaults enabled and I want to disable them. What to do?

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 10/03/2024
Posted in Azure, Conditional access, Entra ID, IAM, Identity, Security, Zero trust

First things first, Security defaults were automatically enabled for all new tenants created after October 22, 2019. This was to ensure a strong security posture right from the start for all users. Set the stage Let’s imagine this scenario. You…

Continue Reading My tenant has Security defaults enabled and I want to disable them. What to do?

Cross-tenant synchronization is now Generally available

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/05/2023 0 Comments on Cross-tenant synchronization is now Generally available
Posted in Azure, Azure AD, Entra, IAM, Identity, Identity Platform, Security

Microsoft’s Cross-tenant features When it comes to the cross-tenant access features, Microsoft has a strong road plan so far. There won’t be any more external users or jumping between Teams tenants when you require access to various tenants, which we…

Continue Reading Cross-tenant synchronization is now Generally available

Microsoft Entra External ID’s (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 25/05/2023 0 Comments on Microsoft Entra External ID’s (Preview)
Posted in Azure, Azure AD, IAM, Identity, Identity Platform, Security

Or Azure AD for customers, yes Azure AD for customers. That’s the name of the game. Microsoft released this excellent feature at Build yesterday and I wanted to elaborate it a bit more. Why to use it? Azure AD makes…

Continue Reading Microsoft Entra External ID’s (Preview)

Power Platform and customer-managed encryption key (preview) with some HSM

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 02/04/2023 0 Comments on Power Platform and customer-managed encryption key (preview) with some HSM
Posted in Azure, Compliance, IAM, Managed HSM, Security

This is huge for all the Power Platform users. Now you can use Key vault to store your key, if you aren’t familiar with concept of Key vault, let me open it a bit. What features will be supported? Power…

Continue Reading Power Platform and customer-managed encryption key (preview) with some HSM

Azure Chaos Studio (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/02/2023 0 Comments on Azure Chaos Studio (Preview)
Posted in Azure, Azure Automation, IAM, Identity, Key vault

Have you seen Azure Chaos Studio? If not, soon you have. What is Chaos Studio? Chaos Studio is a managed service that employs chaos engineering to assist you in measuring, understanding, and improving the resilience of your cloud applications and…

Continue Reading Azure Chaos Studio (Preview)

Microsoft 365 Defender role-based access control

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 29/01/2023 0 Comments on Microsoft 365 Defender role-based access control
Posted in Azure, Azure AD, Compliance, Defender, IAM, Microsoft 365, Security

The new Microsoft 365 Defender RBAC model makes it simple to migrate existing permissions from the individual supported RBAC models to the new RBAC model. All permissions listed within the Microsoft 365 Defender RBAC model align to permissions in the…

Continue Reading Microsoft 365 Defender role-based access control

Tips and tricks on Securing your Data factory

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/12/2022 0 Comments on Tips and tricks on Securing your Data factory
Posted in Azure, Azure AD, Data factory, IAM, Identity, Key vault, Managed HSM, Microsoft Purview, On-premises, Security

Why? Like we all know Identity is a hot topic after the MFA fatigue methods or discovering and attacking our resources as external or internal entities but the often overlooked aspect of security is inside the data layer. You could…

Continue Reading Tips and tricks on Securing your Data factory