Category: Authentication methods
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Why to? For now policy settings can be moved at your own pace but the procedure is completely reversible. While you specifically specify authentication methods for users and groups in the Authentication methods policy, you can continue to employ tenant-wide…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Azure AD Application proxy is an essential tool for providing access to your on-premises applications. In the past you could use it as a reverse proxy to internal Web-based (accessible with browser) applications and you could define One URI per…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
In this part we will see the end-user experience and what you could use instead of Direct federation. SAML-based External IdP can be also done with federating your cloud-based domains. The idea and the concept is the same but in…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
In the picture above, you can see how Conditional Access will evaluate those guest users. The majority of users who are typically thought of as guests fall into this category. This B2B collaboration user has guest-level access in your organization…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
What is PIM? PIM has and will be a backbone for permission Just In Time access in Microsoft based environments. You can easily assign Permanent roles but also Eligible roles for admins and define timeout for the roles. They either…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Identity protecting is challenging if you don’t know what you should protect and when you do, you should know how to protect it. In the second part we will be discovering more on Conditional Access as a dynamic boundary in…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
First the good news. Well maybe not good security wise but at least you still have time to Educate and enable before it will be enforced. Number matching enforcement is still in the horizon Also SSPR and legacy MFA policies…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
First, I want to mention Microsoft Entra admin center and the announcement Microsoft made about it. You should care about it because starting from 2023 new capabilities will be rolled out to Entra. Also in December Microsoft started redirects when…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Continuing from last post with the same topic but now from the negative side of things. What could go wrong if you don’t do it right. This post will assume that you are still having on-premises AD with ADCS and…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Once again, more best practices for Identity. In the last part I covered how we can protect your applications from leaking content. Keep your Identities secure and how to keep using MFA after on-premises MFA Server will not work anymore….