Category: Zero trust

Azure AD Privileged Identity Management and new features

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 08/03/2023 0 Comments on Azure AD Privileged Identity Management and new features
Posted in Authentication methods, Azure, Azure AD, Conditional access, Identity, Identity Platform, Microsoft Purview, PIM, Security, Zero trust

What is PIM? PIM has and will be a backbone for permission Just In Time access in Microsoft based environments. You can easily assign Permanent roles but also Eligible roles for admins and define timeout for the roles. They either…

Continue Reading Azure AD Privileged Identity Management and new features

Section 4 – Mitigate identity threats part 2 of 2

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/03/2023 0 Comments on Section 4 – Mitigate identity threats part 2 of 2
Posted in Active Directory, ADFS, Authentication methods, Azure, Azure AD, Certificates, Conditional access, Cross-tenant, Defender, Entra, Hybrid, Identity, On-premises, SC-200, Security, Zero trust

Identity protecting is challenging if you don’t know what you should protect and when you do, you should know how to protect it. In the second part we will be discovering more on Conditional Access as a dynamic boundary in…

Continue Reading Section 4 – Mitigate identity threats part 2 of 2

Number matching and Authentication methods why you should enable them?

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 02/02/2023 0 Comments on Number matching and Authentication methods why you should enable them?
Posted in Azure, Azure AD, Entra, Identity, Migrate, Security, Zero trust

Two upcoming changes coming to the tenant near you! Number matching will be enforced. Also SSPR and legacy MFA policies will be deprecated (phased). Don’t act too late on either of them. If you need to educate users, you can…

Continue Reading Number matching and Authentication methods why you should enable them?

Conditional Access templates (Preview) and other tips on the side

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 07/12/2022 0 Comments on Conditional Access templates (Preview) and other tips on the side
Posted in Authentication methods, Azure, Azure AD, Identity, Microsoft 365, Security, Zero trust

First, I want to mention Microsoft Entra admin center and the announcement Microsoft made about it. You should care about it because starting from 2023 new capabilities will be rolled out to Entra. Also in December Microsoft started redirects when…

Continue Reading Conditional Access templates (Preview) and other tips on the side

Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 07/09/2022 0 Comments on Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data
Posted in Azure, Azure AD, Azure Policy, DevOps, Exchange, Identity, Identity Platform, Key vault, Microsoft 365, Microsoft Purview, Microsoft Sentinel, Security, Storage, Zero trust

And there you have it, this is the last section in my study guide. This time made longer posts, hopefully they weren’t too long to read. Stay tuned for more! Specify priorities for mitigating threats to applications. Specify a security…

Continue Reading Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/08/2022 0 Comments on Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services
Posted in Azure, Defender, Key vault, Security, SQL, Zero trust

Time for the next section to my SC-100 study guide: Specify security baselines for SaaS, PaaS, and IaaS services Specify security requirements for IoT workloads Specify security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse and Azure…

Continue Reading Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/08/2022 0 Comments on Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints
Posted in AAD Connect, Active Directory, ADFS, Azure, Azure AD, Azure Policy, Certificates, Key vault, Security, Zero trust

Wednesday is here and time for the next post to my SC-100 exam cram. NOTE: includes hybrid and multi-cloud Specify security baselines for server and client endpoints Specify security requirements for servers, including multiple platforms and operating systems Specify security…

Continue Reading Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 03/08/2022 0 Comments on Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy
Posted in Azure, Compliance, ESLZ, Security, Zero trust

And time for the second section for my SC-100 study guide: Design a logging and auditing strategy to support security operations Develop security operations to support a hybrid or multi-cloud environment Design a strategy for SIEM and SOAR Evaluate security…

Continue Reading Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy

Exam cram for Cybersecurity Architect exam

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/07/2022 0 Comments on Exam cram for Cybersecurity Architect exam
Posted in Azure, sc-100, Security, Zero trust

When I wrote the study guide for AZ-500, I was planning to write a study guide for MS-500, SC-400 or AZ-104 but when I saw the contents of SC-100, I decided differently. For AZ-500 I counted 12 parts but now…

Continue Reading Exam cram for Cybersecurity Architect exam