Category: Azure

Analysing and investigating sing-in logs to troubleshoot access issues Viewing logs Go to Azure AD -> Sign ins From here view and filter the sign in logs. You can see information like: – IP address – Date time – Applications – Login Status (success/failure) – location If you click on a log entry you get more information such as the…

Continue Reading→

Understanding Privileged Identity Management (PIM) Traditionally we use RBAC to manage administration privileges. We assign privileges to a role, then give a user that role. PIM takes things to another level What is PIM? PIM allow you to manage, control and monitor access to resources in your organisation. These resources include: Azure AD, Azure, O365, Intune etc… PIM allows you…

Continue Reading→

Defining Catalogs for Entitlement Management Microsoft provides us with a way a user can self-manage access rights to resources using “self-service”. With this method a user can logon and request access to a particular resource. A catalog is a group of resources like access packages. EG: if the company is doing a big marketing push, you could create a catalog…

Continue Reading→

Configuring Custom SaaS Enterprise Apps with Token Customisation An example of this is: An app that runs on an onsite managed web server in the DMZ with an internet facing interface. EG: app1.spk.com We want to tie this to Azure AD for authentication so users go to Azure AD to get a token to access the app Azure AD has…

Continue Reading→

Understanding Azure Identity Protection with User and Sign in Risk policies Azure Identity Protection helps with the following tasks: Automate the detection and remediation of identity based risks (compromised accounts, phishing attacks etc…) Investigate risks using easy to find data Export risk data to third part tools for further analysis Identity Risk Detection Engines: Heuristics: the system monitors how the…

Continue Reading→

Administering Authentication Methods (FIDO2/Passwordless) Issues with passwords: People get phished People use the same password for many systems Passwordless Based Authentication Passwordless authentication methods are more convenient because the password is removed and replaced with something you have, plus something you are or something you know. Azure and Azure Government offer the following three Passwordless authentication options: Windows Hello for…

Continue Reading→

Understanding the Concepts of Multifactor Authentication   What is MFA?   Authentication methods: Something you know: password, pin etc… Something you have: smart card, key fob, mobile phone etc… Something you are: biometrics MFA is using a combination of these methods. No single step authentication is strong enough on its own in today’s cyber security climate. Two step verification significantly…

Continue Reading→

Migration of On Premise Users and Groups You don’t have to sync your whole domain to the cloud. You can select which users to sync using OU’s and Groups. You can include and exclude specific OU’s and Groups     Understanding SSO, PHS, PTA and ADFS Federation Concepts   Azure AD Auth uses different languages to AD on premise. Azure…

Continue Reading→

Evaluating Requirements and Solutions – Sync for PHS, PTA and ADFS SAML Federation   Authentication for Hybrid Identity Managed Authentication: Azure AD will handle the authentication locally by using a locally stored hashed version of the password or sends the credentials to an on-premise software agent to be authenticated on the premise by AD DS Federated Authentication: Azure AD redirects…

Continue Reading→