Microsoft has released a new update for its Entra ID Conditional Access service that provides more granular controls over certificate-based authentication (CBA) methods. The advanced CBA options are currently in preview, allowing access to specific resources based on certificate Issuer or Policy Object Identifiers (OIDs) properties. Microsoft Entra ID Conditional Access is a service that...
Identity Management (or Identity and Access Management) is a fundamental aspect of modern IT security. It involves the processes and technologies used to manage and verify the identity of users accessing IT resources. A key IAM solution is Active Directory, a product by Microsoft that is widely recognized for its robustness and versatility in managing on-premises user identities.
Active Directory (AD) centralizes user and computer authentication and authorization, allowing IT administrators to control user access to various network resources effectively. This is especially crucial for large organizations with complex structures and lots of users, where maintaining individual user accounts wouldn’t be practical. Active Directory streamlines management by providing a single, unified platform for identity management, enhancing security and operational efficiency.
Expanding the principles of Identity and Access Management to the cloud, Microsoft introduced 'Microsoft Entra ID' (formerly Azure Active Directory). It is a solution designed to simplify and secure the management of user identities for cloud-native applications.
Entra ID extends beyond the traditional boundaries of on-premises networks, embracing cloud services and mobile applications. Microsoft Entra ID offers enhanced features like multi-factor authentication (MFA), conditional access policies, and integrated identity governance capabilities.
Microsoft Entra ID is the IAM used by Microsoft 365. Entra ID can also be used in conjunction with on-premises Windows Server Active Directory, giving organizations the ability to extend their existing directory service to the cloud.
Last Update: Jan 30, 2024
Microsoft is planning to make changes to LDAP security settings in Windows Server. In today’s Ask the Admin, I show you how to audit for unsigned LDAP traffic hitting Windows Server Active Directory.
Last Update: Jan 30, 2024
In this guide about Active Directory security, we’re going to detail five steps that IT admins need to follow to secure Active Directory environments in an organization. There are many best practices you’ll need to be familiar with to ensure Active Directory security, including restricting the use of privileged accounts, monitoring Windows Event Log for…
Microsoft announced the automatic rollout of new Conditional Access (CA) policies for select Microsoft 365 licenses in November 2023. As of today, these policies are only available in report-only mode, with the activation for commercial customers set for February and March 2024. The report-only mode enables policies to log policy results without enforcing them. Microsoft…
Audit your Active Directory environment to ensure the security of your company’s most valuable assets. Here are the top 10 events to audit in Active Directory to identify risks. Why audit Active Directory? Active Directory provides authentication, account management, and authorization services that are critical for strong access governance. To quickly detect insider threats, organizations should audit the creation of new accounts and security groups, and…
In this episode of First Ring Daily, Brad Sams and Paul Thurrott discuss Microsoft laying off 1,900 employees in its Gaming division, and Apple announcing big changes for iOS and the App Store in Europe to comply with the Digital Markets Act.
Last Update: Jan 24, 2024
How to set up Azure Active Directory Domain Services
Last Update: Jan 24, 2024
Azure Active Directory (AD) is Microsoft’s cloud-based identity and access management (IAM) service. Azure AD is generally seen as a move from on-premises IAM to the cloud. Learn more about Azure AD here. What is Azure Active Directory (Microsoft Entra ID)? Microsoft Azure Active Directory (Azure AD, AAD, Entra ID, etc.) is a cloud…
Identity and Access Management (IAM) is a crucial cybersecurity framework that governs and secures digital access to resources. It plays a pivotal role in helping organizations control and secure their digital resources such as apps, files, user identities, permissions, and all other organizational data. IAM also helps ensure the confidentiality and integrity of sensitive information….
Microsoft has added support for two-way trust relationships in its Entra Domain Services solution. The new feature provides organizations with increased control over the management of hybrid identity environments. Microsoft Entra Domain Services is a cloud-based solution that offers managed domain services, including group policy, domain joining, LDAP, and Kerberos/NTLM authentication. This service enables organizations…