Category: Security

Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy

Azure AD CBA allows user to sign-in with a certificate. Microsoft has removed the need for external ADFS federation. You can see the situation before this change from Sami Lamppu’s post. Feature highlights Facilitates onboarding to Azure quickly without being…

Continue Reading Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy

Cross-tenant access settings (Preview)

Cross-tenant access settings in now in preview. You can use cross-tenant access settings to manage collaboration with external Azure AD organizations but for non-Azure AD organizations, use collaboration settings. https://portal.azure.com/#blade/Microsoft_AAD_IAM/AllowlistPolicyBlade What is Cross-tenant access? External Identities cross-tenant access settings to…

Continue Reading Cross-tenant access settings (Preview)

Section 3 – Manage application access

This is the last part of section 3 and will cover two topics: Manage API permissions to Azure subscriptions and resources Configure an authentication method for a service principal Manage API permissions to Azure subscriptions and resources What is Azure…

Continue Reading Section 3 – Manage application access

Information barriers, the GUI experience (Public preview)

This pic above is exactly the opposite of how information barriers work. So how it works? When information barrier policies are in place, people who should not communicate or share files with other specific users won’t be able to find,…

Continue Reading Information barriers, the GUI experience (Public preview)

Section 3 – Manage application access – App Registrations

This is section 3 and part 2. In this post I will be covering App registrations with the following topics. Create an App Registration Configure App Registration permission scopes Manage App Registration permission consent What is App registration in Azure?…

Continue Reading Section 3 – Manage application access – App Registrations

Multi-tenant App registration and user (Admin) consent

What has changed? Microsoft have removed ability for getting user consent for unverified applications. This is an great addition towards security but it will make your life harder as a admin and as a software publisher. Different options Let’s go…

Continue Reading Multi-tenant App registration and user (Admin) consent

Section 2 – Secure access by using Azure AD – Configure access reviews

This will be end of Section 2 and the ending will done with Access Reviews. What are Access Reviews? Access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments. User’s access can be reviewed…

Continue Reading Section 2 – Secure access by using Azure AD – Configure access reviews

Section 2- Secure access by using Azure AD – Implement passwordless authentication

Passwordless authentication is a hot topic, if You have a password it can be cracked or phished. In the last parts we enabled MFA so let’s continue from there. What is passwordless? Passwordless means that You sign-in without a password,…

Continue Reading Section 2- Secure access by using Azure AD – Implement passwordless authentication

Running PowerShell scripts under Azure Automation Accounts

Before You had to schedule PowerShell scripts from Your task scheduler inside servers or workstations but not that has changed, You can run Your favorite scripts directly from Azure with Automation Accounts and runbooks. What is Azure Automation Account? Azure…

Continue Reading Running PowerShell scripts under Azure Automation Accounts