20160400 Technet- Hybrid identity and access management with Azure AD Premium
Transcript of Premium Management and Protection of Identity...
OFFICE 365
Premium Management and Protection of Identity and Access with Azure AD
Jan Vidar Elven
Enterprise Mobility MVP
Cloud and Datacenter Architect @ Skill
P-TSP @ Microsoft
KEY TAKEAWAYS
Protect Admin Roles
Assess Risks and Vulnerabilities for Users
Monitor Azure AD Health
Use Azure MFA Conditionally
Azure AD Premium Offerings
Manage Azure AD administrator role access
On-demand admin access
Real-time risk event & vulnerability detection, and Mitigation Policies
Monitor and gain insights
Second layer of security
Requirements
■ For Privileged Identity Management + Identity Protection + Connect Health:
  ■ Azure AD Premium P2/EMS E5
  ■ Global Administrator Access to Configure
■ End Users:
  ■ Azure AD Premium/EMS and Password Writeback for Policy Mitigation
Administrators
Intune
Azure Information Protection
Protect your users, devices, and apps
Detect problems early with visibility and threat analytics
Protect your data, everywhere
Extend enterprise-grade security to your cloud and SaaS apps
Manage identity with hybrid integration to protect application access from identity attacks
Advanced Threat Analytics
Microsoft Cloud App Security
Azure Active Directory
Identity Protection
Users
Privileged Identity Management
Classified as Microsoft General
CLOUD-POWERED PROTECTION
Discover, restrict, and monitor privileged identities
Enforce on-demand, just-in-time administrative access when needed
Provides more visibility through alerts, audit reports and access reviews
Global Administrator
Billing Administrator
Exchange Administrator
User Administrator
Password Administrator
How time-limited activation of privileged roles works
MFA is enforced during the activation process
Alerts inform administrators about out-of-band changes
Users need to activate their privileges to perform a task
Users will retain their privileges for a pre-configured amount of time
Security admins can discover all privileged identities, view audit reports, and use access reviews to review everyone who is eligible to activate
Audit
SECURITY ADMIN
Configure Privileged Identity Management
USER
PRIVILEGED IDENTITY MANAGEMENT
Identity verification
Monitor
Access reports
MFA
ALERT
Read only
ADMIN PROFILES
Billing Admin
Global Admin
Service Admin
Azure AD Privileged Identity Management (PIM)
Key Features:
■ Access Review
■ Enable on-demand, "just in time" administrative access
■ Reports on access history and administrator assignments
■ Alerts about access and configurations to a privileged role
Configure Azure AD PIM
Sign in to the Azure Portal as a Global Administrator
Select New > Security + Identity > Azure AD Privileged Identity Management for your Azure AD tenant
The first admin will be:
■ Security administrator
■ Privileged role administrator
Demo - Azure AD Privileged Identity Management
Enabling organizations to control access based on risk
Risk severity calculation
Remediation recommendations
Risk-based conditional access automatically protects against suspicious logins and compromised credentials
Gain insights from a consolidated view of machine learning based threat detection
Leaked credentials
Infected devices
Configuration vulnerabilities
Risk-based policies
MFA Challenge Risky Logins
Block attacks
Change bad credentials
Machine-Learning Engine
Brute force attacks
Suspicious sign-in activities
Use the power of Identity Protection in PowerBI, SIEM and other monitoring tools
Azure AD Identity Protection
Key Features:
■ Risk event detection and risk accounts
■ Investigate risk events
■ Risk-based conditional access policies:
  ■ Sign-in risk policy
  ■ User risk policy (not for federated users in preview)
  ■ MFA registration policy
Demo - Azure AD Identity Protection
Azure AD Connect Health
Features:
■Azure AD Connect Health for Sync
■Azure AD Connect Health for ADFS/WAP
■Azure AD Connect Health for AD DS (Preview)
Configure Azure AD Connect Health
Get Azure AD Premium
Download, Install & Register Connect Health Agent:
■AD FS/Proxy/WAP Health Agent
■AD DS Health Agent
■Azure AD Connect Server (>=version 1.0.9125.0)
Go to https://aka.ms/aadconnecthealth
Demo - Azure AD Connect Health
Azure Multi-Factor Authentication (MFA)
MFA Versions:
■MFA for Office 365
■MFA for Azure Admins
■Azure MFA
Features:
■Selected Authentication Methods
■Admin Control
Demo - Azure Multi-Factor Authentication
Summary
Takeaways:
Protect Admin Roles
Assess Risks and Vulnerabilities for Users
Monitor Azure AD Health
Use Azure MFA Conditionally
Contact:
E-mail: [email protected]
Twitter: @skillriver
Blog: http://systemcenterpoint.wordpress.com
17:15 – 18:15
Closing Note
Hasain Alshakarti, Marcus Murray