Category: Security

Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 07/09/2022 0 Comments on Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data
Posted in Azure, Azure AD, Azure Policy, DevOps, Exchange, Identity, Identity Platform, Key vault, Microsoft 365, Microsoft Purview, Microsoft Sentinel, Security, Storage, Zero trust

And there you have it, this is the last section in my study guide. This time made longer posts, hopefully they weren’t too long to read. Stay tuned for more! Specify priorities for mitigating threats to applications. Specify a security…

Continue Reading Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Microsoft managed Authentication Methods Policy (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 03/09/2022 0 Comments on Microsoft managed Authentication Methods Policy (Preview)
Posted in Azure, Azure AD, Identity, Security

What Microsoft Managed is? With Microsoft Managed Settings, admins can trust Microsoft to enable a security feature they have not explicitly disabled. If the feature status is set to Microsoft-managed, it will be enabled by Microsoft at an appropriate time…

Continue Reading Microsoft managed Authentication Methods Policy (Preview)

Azure MFA migration tool and how to setup MFA NPS extension

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/09/2022 0 Comments on Azure MFA migration tool and how to setup MFA NPS extension
Posted in Active Directory, Azure, Conditional access, Hybrid, Security

Well, this is nice. Microsoft has released a migration tool to get rid of your On-premises MFA server. Scenarios Moving the registered MFA phone numbers is only part of the migration from MFA Server to Azure AD Multi-Factor Authentication. The…

Continue Reading Azure MFA migration tool and how to setup MFA NPS extension

Automatic assignment policy in Entitlement management

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/09/2022 0 Comments on Automatic assignment policy in Entitlement management
Posted in Azure, Azure AD, Azure B2B, Entitlement management, IAM, Identity, Security

If you are not familiar with Entitlement management, read this first. Microsoft keeps evolving Azure AD Entitlement management solution, here is a feature added previously. And there is again a new feature added, let us see what it is. Automatic…

Continue Reading Automatic assignment policy in Entitlement management

Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/08/2022 0 Comments on Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services
Posted in Azure, Defender, Key vault, Security, SQL, Zero trust

Time for the next section to my SC-100 study guide: Specify security baselines for SaaS, PaaS, and IaaS services Specify security requirements for IoT workloads Specify security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse and Azure…

Continue Reading Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/08/2022 0 Comments on Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints
Posted in AAD Connect, Active Directory, ADFS, Azure, Azure AD, Azure Policy, Certificates, Key vault, Security, Zero trust

Wednesday is here and time for the next post to my SC-100 exam cram. NOTE: includes hybrid and multi-cloud Specify security baselines for server and client endpoints Specify security requirements for servers, including multiple platforms and operating systems Specify security…

Continue Reading Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

TOTP globally available for Azure AD B2C

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/08/2022 0 Comments on TOTP globally available for Azure AD B2C
Posted in Azure, Azure B2B, Azure B2C, Conditional access, Identity, Identity Platform, Microsoft Graph, Powershell, Security

I wrote before a post about B2C in general, how to use our own custom domain thru Azure Front door and how to use custom policies. I prefer that you read these out to get clearer picture of B2C functionality….

Continue Reading TOTP globally available for Azure AD B2C

Section 4 – Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies – Design a regulatory compliance strategy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/08/2022 0 Comments on Section 4 – Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies – Design a regulatory compliance strategy
Posted in Azure, Compliance, Microsoft Purview, Security

This is the fourth section to my SC-100 study guide and it will cover the following topics: Interpret compliance requirements and translate into specific technical capabilities (new or existing) Evaluate infrastructure compliance by using Microsoft Defender for Cloud Interpret compliance…

Continue Reading Section 4 – Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies – Design a regulatory compliance strategy

Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 10/08/2022 0 Comments on Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy
Posted in Azure, Azure AD, Azure B2B, Azure B2C, Hybrid, Identity, sc-100, Security

And onward to the next section in my SC-100 study guide: Note: includes hybrid and multi-cloud scenarios! Design a strategy for access to cloud resources Recommend an identity store (tenants, B2B, B2C, hybrid) Recommend an authentication strategy Recommend an authorization…

Continue Reading Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy

Microsoft Entra Verified ID went GA!

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 09/08/2022 0 Comments on Microsoft Entra Verified ID went GA!
Posted in Azure, Azure AD, Entra, Security

Back in 2018 Microsoft joined ID2020 alliance and started collaborating with Accenture and Avanade on a blockchain-based identity prototype for Azure. The intention was to give people means to identify them selves easily. And finally Yesterday Microsoft released the final product!…

Continue Reading Microsoft Entra Verified ID went GA!