Conditional Access - Common Microsoft 365 Security Mistakes Series

Thu, 05 Oct 2023 21:11:27 +0000

Conditional Access (CA) is front and center of any attempt to secure Microsoft 365. If you’ve spent any time securing your tenant and Entra resources, you’ll know what Conditional Access is by now, so we’ll assume at least a level 200 understanding, skip the introduction, and instead dive into the most common mistakes I see when helping folks out with it.

These aren’t listed in any particular order, and the devil’s in the details, so make sure you read the full post instead of just skimming the bullet points! There are also way more than five mistakes you can make with Conditional Access, but let’s start with these.

Getting Started with Azure AD Identity Governance – Part 2: Access Reviews

Sun, 02 Aug 2020 14:46:34 +0000

This blog is the second in a small series on Azure AD Premium P2’s Identity Governance toolkit.

Part 1: Entitlement Management

Part 2: Access Reviews (this post)

Part 3: Privileged Identity Management (PIM)

Historically, the apps, groups, and rights a user had were all under central and constant management by IT. Azure AD and modern management have pushed this towards ‘self-service’, including guest users, which improves productivity. The goal of Azure AD access reviews is to improve the management of user rights and access, in this modern environment, throughout their lifecycle in your tenant. It empowers you with automated tools to control their groups, apps, and roles (admin rights).

Access-Reviews on Ru Campbell MVP

Conditional Access - Common Microsoft 365 Security Mistakes Series

Getting Started with Azure AD Identity Governance – Part 2: Access Reviews