Category: Identity

Do’s and don’t concerning security for Identity part 1

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/10/2022 0 Comments on Do’s and don’t concerning security for Identity part 1
Posted in ADFS, Azure, Azure AD, Conditional access, Entra, Exchange, Identity, Identity Platform, Microsoft 365, Onpremise, Security

In simplified terms there is two different ways to build a cloud service. Cloud-based or Cloud native Hybrid There is also different possibilities to federate Identities between Cloud service providers but also with Federation services through on-premises environment. Azure AD…

Continue Reading Do’s and don’t concerning security for Identity part 1

Defender for Cloud security alerts

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 30/09/2022 0 Comments on Defender for Cloud security alerts
Posted in Azure, Defender, Hybrid, Identity, KQL, Security

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts

What’s new with Secure score in Microsoft Defender portal (and some other tips)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 25/09/2022 0 Comments on What’s new with Secure score in Microsoft Defender portal (and some other tips)
Posted in Azure, Azure AD, Conditional access, Entra, Identity, Microsoft 365, Security

What is Secure score? Microsoft releases suggestions on security settings that should be turned on to enhance your security posture against external and internal threats. You’re given points for the following actions: Configuring recommended security features Doing security-related tasks Addressing…

Continue Reading What’s new with Secure score in Microsoft Defender portal (and some other tips)

Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 07/09/2022 0 Comments on Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data
Posted in Azure, Azure AD, Azure Policy, DevOps, Exchange, Identity, Identity Platform, Key vault, Microsoft 365, Microsoft Purview, Microsoft Sentinel, Security, Storage, Zero trust

And there you have it, this is the last section in my study guide. This time made longer posts, hopefully they weren’t too long to read. Stay tuned for more! Specify priorities for mitigating threats to applications. Specify a security…

Continue Reading Section 7 – Design a strategy for data and applications – Specify security requirements for applications and design a strategy for securing data

Microsoft managed Authentication Methods Policy (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 03/09/2022 0 Comments on Microsoft managed Authentication Methods Policy (Preview)
Posted in Azure, Azure AD, Identity, Security

What Microsoft Managed is? With Microsoft Managed Settings, admins can trust Microsoft to enable a security feature they have not explicitly disabled. If the feature status is set to Microsoft-managed, it will be enabled by Microsoft at an appropriate time…

Continue Reading Microsoft managed Authentication Methods Policy (Preview)

Automatic assignment policy in Entitlement management

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/09/2022 0 Comments on Automatic assignment policy in Entitlement management
Posted in Azure, Azure AD, Azure B2B, Entitlement management, IAM, Identity, Security

If you are not familiar with Entitlement management, read this first. Microsoft keeps evolving Azure AD Entitlement management solution, here is a feature added previously. And there is again a new feature added, let us see what it is. Automatic…

Continue Reading Automatic assignment policy in Entitlement management

TOTP globally available for Azure AD B2C

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/08/2022 0 Comments on TOTP globally available for Azure AD B2C
Posted in Azure, Azure B2B, Azure B2C, Conditional access, Identity, Identity Platform, Microsoft Graph, Powershell, Security

I wrote before a post about B2C in general, how to use our own custom domain thru Azure Front door and how to use custom policies. I prefer that you read these out to get clearer picture of B2C functionality….

Continue Reading TOTP globally available for Azure AD B2C

Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 10/08/2022 0 Comments on Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy
Posted in Azure, Azure AD, Azure B2B, Azure B2C, Hybrid, Identity, sc-100, Security

And onward to the next section in my SC-100 study guide: Note: includes hybrid and multi-cloud scenarios! Design a strategy for access to cloud resources Recommend an identity store (tenants, B2B, B2C, hybrid) Recommend an authentication strategy Recommend an authorization…

Continue Reading Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy

Microsoft Defender for Cloud Apps in Microsoft 365 Defender (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 08/08/2022 0 Comments on Microsoft Defender for Cloud Apps in Microsoft 365 Defender (Preview)
Posted in Azure, Defender, Identity, Security

Microsoft is all the time consolidating their various different portals, they already removed multiple portals during recent years. Here is a full list of the current ones, sigh! Turn on Preview features Required permissions Accounts assigned the following Azure Active…

Continue Reading Microsoft Defender for Cloud Apps in Microsoft 365 Defender (Preview)

Section 1 – Design a Zero Trust strategy and architecture – Build an overall security strategy and architecture

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 27/07/2022 0 Comments on Section 1 – Design a Zero Trust strategy and architecture – Build an overall security strategy and architecture
Posted in Azure, Hybrid, Identity, sc-100, Security

The first section for SC-100 study will contain: Identify the integration points in an architecture by using Microsoft Cybersecurity Reference Architecture (MCRA) Translate business goals into security requirements Translate security requirements into technical capabilities, including security services, security products, and…

Continue Reading Section 1 – Design a Zero Trust strategy and architecture – Build an overall security strategy and architecture