SlideShare a Scribd company logo

ITSS189 Azure Identity Management.pptx

Download as PPTX, PDF
Bhavesh Pathak
Bhavesh Pathak

azure IAM

Technology
1 of 8
Implement AZURE Identity Management Multi-Factor Authentication (MFA)
Azure Identity Management: Multi-Factor Authentication (MFA) •To improve account security and protect against phishing attacks, the Information and Innovation Office will be implementing Multi-Factor Authentication (MFA). MFA requires multiple forms of identity verification to secure the organization against security breaches in the event a user’s County login credentials are stolen or compromised. When logging in remotely, users will be required to complete an additional authentication step via a smart phone app, or phone call to verify their identity •Enable Multi-Factor Authentication for all County Users accessing Applications and Services Remotely •Phase 1: Outlook, Teams, SharePoint, OneDrive •Phase 2: VPN, VDI, other County provided applications which may support MFA Project Summary •Server Team •Security Team •ITSS Division of IT Department – Server Team, Network Team, Desktop Support Team, Technical Support Desk Team •IT Department – Everyone else in IT Department •Communications Pilot Groups •Configure and Enable MFA in environment, create Conditional Access and MFA Policies and Groups in Azure – Completed: 2/2020 •Enable MFA for Server Team to allow testing – Completed: 2/2020  11/2020 •Enable MFA for ITSS and Security Team to allow testing – Completed: 2/2021  4/2021 •In-Person Support / Training Workshops for Desktop Support and Technical Support Desk Teams – Completed: 4/2021 •Enable MFA for IT Department to provide final testing – Completed: 5/2021 •Enable MFA for Departmental Directors and key staff: Scheduled for September 2021 •Enable MFA County-Wide in a Department by Department Rollout beginning in September 2021  October 2021 •Phase 2 Apps will be enabled for MFA as the infrastructure dependencies are resolved – Late CY 2021 Project Schedule
Azure Identity Management: Multi-Factor Authentication (MFA) • Email Templates and MFA User Guides have been developed • Meetings and Coordination with SDM’s will be held prior to Departmental Deployment • Communications and User Guides will be sent to end users, Department by Department, on a rolling basis • MFA Guides will be posted on COIN • Videos to assist with setup • MFA User Guides are targeted specifically to Apple or Android users depending on the type of device • A phone-only callback option guide is also available for users without smart phones Communications Plan • Remote Access will be granted via the following second forms of authentication: • Smart Phone based authentication app (Microsoft Authenticator App) • Phone Callback Authentication Methods • IT will schedule setup and assist with configuration with each of the Commissioner’s offices in person • Each District’s Commissioner and their aides will be configured at the same time, so all District staff can be done in a single visit • The County Administrator and ACA’s will be configured in person • In person assistance will be given to individual Department Directors, if requested • The Desktop Support Team will provide in person support VIP Handling
Azure Identity Management: Multi-Factor Authentication (MFA) • Register user account with Microsoft MFA Service (open 1-3 weeks) • Technology Announcement Email: one week before MFA Registration begins • Scheduled Change Notification Email: The day before Registration begins, morning of, and every 3 days until registration period ends • User registers with the MFA Service by following step by step instructions in user guide • The Apple and Android email client is no longer supported. End users must transition to the Microsoft Outlook App • Note - Enable Save Contacts in Outlook App • User may contact Technical Service Desk if questions or issues • User must register with the MFA Service during the registration period or they will not be able to access applications remotely after MFA has been enabled for their department • MFA enabled for Department • Scheduled Change Notification Email: The three days prior to MFA being enabled, warning users that they will not be able to log in unless MFA registration has been completed • Will be prompted to MFA when accessing applications remotely • Users will be prompted on their phone or receive a phone call to approve the login End User Experience
APR MAY JUN JUL AUG SEPTEMBER ITSS Deployment and Testing IIO Deployment and Testing County – Wide Departmental Deployment Planning and Initial Configuration – January 2020 to April 2020 • Identify requirements • Meet with Stakeholders to define project goals, requirements and timelines • Configure Azure Tenant for MFA • Configure Conditional Access Policies and Create Azure AD Groups for MFA Testing Pilot Group • Enable MFA for select ITSS Architects, Engineers and Security Team Staff IIO Deployment and Testing – May 2021 • Deploy to the remainder of the IIO Department • Deploy to Departmental Technical Liaisons • Thoroughly Test • Refine communications and user guides if necessary, based on feedback from users Finalizing Deployment Configuration – May 2020 to October 2020 • Refine Requirements • Refine and fine tune MFA Configuration and Settings in Azure Tenant • Project put on Hold due to COVID-19 • Continue testing for initial pilot group while project On Hold Departmental Deployments – September 2021 • Send initial Communications to Individual Departments a week before MFA Registration Opens • Send series of Communications to Individual Departments during MFA Registration Period • Support Departmental Users during MFA Registration Period • Enable Individual Departments on a rolling schedule • Enroll all support Vendor Accounts Deployment to ITSS – November 2020 to April 2021 • Resume Project • Finalize MFA Deployment Settings • Create Azure AD Group for Production MFA Deployment • Create and approve MFA User Guides • Create and approve Communications email templates • Enable MFA for all remaining ITSS Employees and IIO Security Team • Train Desktop Support and Technical Support Desk staff to support end users VIP MFA Registration – September 2021 • Coordinate with each Commissioner District and staff to Register and Enable MFA in person • Coordinate with the County Administrator, ACA’s and other 26th Floor staff to Register and Enable MFA in person • Department Directors and other identified VIP’s can be handled in-person based on guidance from Management or upon request Azure Identity Management: Multi-Factor Authentication (MFA) Communications Deployment and Testing
Phase 1: Directors and Management County-Wide Deployment Schedule September 2021 Week 1 Week 2 Week 3 Week 4 Phase 1: County-Wide Deployment Phase 2: County-Wide Deployment Vendors Phase 2: BOCC – County Administrator
County-Wide Deployment Schedule May IT Department Testing Phase 1: September 1 – September 15 Directors and Senior-Level Departmental Staff Phase 1: September 1 – September 15 Extension Services, Arts Council, Guardian Ad Litem, Economic Development, Childrens Board, Fleet, Pet Resources, Code Enforcement, Medical Examiner, Parks and Recreation, Conservation and Environmental Lands Management, Compliance Communities and Conservation, Soil and Water Conservation, Affordable Housing, Management and Budget, Procurement Services, Human Resources, Risk Management, County Attorney Phase 2: September 13 – September 27 Library Services, BOCC, Operations and Legislative Affairs, Government Relations & Strategic Services, Independent Performance Auditor, County Administrator, Facilities Services, Development Services, Head Start, Childrens Services, Aging Services, Sunshine Line, Social Services, Health Care Services, Veterans Services, Homeless Services, THHI, Emergency Management, 911 Agency, Emergency Dispatch, Fire Rescue, Public Works, Public Utilities
Questions?

Recommended

sagar
sagarsagar
sagarsagar k gowda
 
Student Debt Solutions
Student Debt SolutionsStudent Debt Solutions
Student Debt SolutionsTodd Meyers
 
Sumedh-RESUME.pdf
Sumedh-RESUME.pdfSumedh-RESUME.pdf
Sumedh-RESUME.pdfSumedh Thorat
 
Curriculum Vitae -TAPIWA CHIRASASA
Curriculum Vitae -TAPIWA CHIRASASACurriculum Vitae -TAPIWA CHIRASASA
Curriculum Vitae -TAPIWA CHIRASASATapiwa Chirasasa
 
Resume
ResumeResume
ResumeDharma Raj
 
Ken Mutugi Detailed CV
Ken Mutugi Detailed CVKen Mutugi Detailed CV
Ken Mutugi Detailed CVKenneth Mutugi
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 

Recommended

sagar
sagarsagar
sagarsagar k gowda
 
Student Debt Solutions
Student Debt SolutionsStudent Debt Solutions
Student Debt SolutionsTodd Meyers
 
Sumedh-RESUME.pdf
Sumedh-RESUME.pdfSumedh-RESUME.pdf
Sumedh-RESUME.pdfSumedh Thorat
 
Curriculum Vitae -TAPIWA CHIRASASA
Curriculum Vitae -TAPIWA CHIRASASACurriculum Vitae -TAPIWA CHIRASASA
Curriculum Vitae -TAPIWA CHIRASASATapiwa Chirasasa
 
Resume
ResumeResume
ResumeDharma Raj
 
Ken Mutugi Detailed CV
Ken Mutugi Detailed CVKen Mutugi Detailed CV
Ken Mutugi Detailed CVKenneth Mutugi
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Dinesh_Resume
Dinesh_ResumeDinesh_Resume
Dinesh_ResumeDinesh Pandey
 
Althaf_Resume-Kwt
Althaf_Resume-KwtAlthaf_Resume-Kwt
Althaf_Resume-KwtMohamed althaf
 
IntellisenseIT infraMSWH (Construction ERP)
IntellisenseIT infraMSWH (Construction ERP)IntellisenseIT infraMSWH (Construction ERP)
IntellisenseIT infraMSWH (Construction ERP)intellisenseit
 
Resume_Sagar_4.5+Years
Resume_Sagar_4.5+YearsResume_Sagar_4.5+Years
Resume_Sagar_4.5+Yearssagar k gowda
 
evalmyBRAND-SGN.pptx
evalmyBRAND-SGN.pptxevalmyBRAND-SGN.pptx
evalmyBRAND-SGN.pptxDileepDileep30
 
New resume Naveen (1)
New resume Naveen (1)New resume Naveen (1)
New resume Naveen (1)Naveen Joy
 
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...True North Geographic Technologies
 
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docx
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docxAssignment 2-2013 Final (5).docx8745 Software Systems Archit.docx
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docxsherni1
 
Haitham.Fahmi(05-02-2016)
Haitham.Fahmi(05-02-2016)Haitham.Fahmi(05-02-2016)
Haitham.Fahmi(05-02-2016)Haitham Fahmi
 
Murali_Mohan-resume
Murali_Mohan-resumeMurali_Mohan-resume
Murali_Mohan-resumeMurali Jayakumar
 
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptx
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptxIndonesia Truck Entry Project Proposal (1) [Autosaved].pptx
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptxbidyut13
 
.NET Consulting Portfolio | ASP.NET Development Case Studies
.NET Consulting Portfolio | ASP.NET Development Case Studies.NET Consulting Portfolio | ASP.NET Development Case Studies
.NET Consulting Portfolio | ASP.NET Development Case StudiesZealous System
 
Custom Software Development
Custom Software DevelopmentCustom Software Development
Custom Software DevelopmentSimerjeet Singh
 
itsas
itsasitsas
itsasNoah Huotari
 
CV MAY 2016- Aqeel Hadi AlSayegh
CV MAY 2016- Aqeel Hadi AlSayeghCV MAY 2016- Aqeel Hadi AlSayegh
CV MAY 2016- Aqeel Hadi AlSayeghAqeel Al Sayegh
 
Resume
ResumeResume
ResumeVenkateswaran Radhakrishnan
 
WeiYapResume
WeiYapResumeWeiYapResume
WeiYapResumeChong Wei Yap
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 

More Related Content

Similar to ITSS189 Azure Identity Management.pptx

Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992Alfred Miers
 
IntellisenseIT infraMSWH (Construction ERP)
IntellisenseIT infraMSWH (Construction ERP)IntellisenseIT infraMSWH (Construction ERP)
IntellisenseIT infraMSWH (Construction ERP)intellisenseit
 
Resume_Sagar_4.5+Years
Resume_Sagar_4.5+YearsResume_Sagar_4.5+Years
Resume_Sagar_4.5+Yearssagar k gowda
 
New resume Naveen (1)
New resume Naveen (1)New resume Naveen (1)
New resume Naveen (1)Naveen Joy
 
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...True North Geographic Technologies
 
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docx
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docxAssignment 2-2013 Final (5).docx8745 Software Systems Archit.docx
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docxsherni1
 
Haitham.Fahmi(05-02-2016)
Haitham.Fahmi(05-02-2016)Haitham.Fahmi(05-02-2016)
Haitham.Fahmi(05-02-2016)Haitham Fahmi
 
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptx
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptxIndonesia Truck Entry Project Proposal (1) [Autosaved].pptx
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptxbidyut13
 
.NET Consulting Portfolio | ASP.NET Development Case Studies
.NET Consulting Portfolio | ASP.NET Development Case Studies.NET Consulting Portfolio | ASP.NET Development Case Studies
.NET Consulting Portfolio | ASP.NET Development Case StudiesZealous System
 
Custom Software Development
Custom Software DevelopmentCustom Software Development
Custom Software DevelopmentSimerjeet Singh
 
CV MAY 2016- Aqeel Hadi AlSayegh
CV MAY 2016- Aqeel Hadi AlSayeghCV MAY 2016- Aqeel Hadi AlSayegh
CV MAY 2016- Aqeel Hadi AlSayeghAqeel Al Sayegh
 

Similar to ITSS189 Azure Identity Management.pptx (20)

Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992
 
Alfred miers for dell 992
Alfred miers for dell 992Alfred miers for dell 992
Alfred miers for dell 992
 
Dinesh_Resume
Dinesh_ResumeDinesh_Resume
Dinesh_Resume
 
Althaf_Resume-Kwt
Althaf_Resume-KwtAlthaf_Resume-Kwt
Althaf_Resume-Kwt
 
IntellisenseIT infraMSWH (Construction ERP)
IntellisenseIT infraMSWH (Construction ERP)IntellisenseIT infraMSWH (Construction ERP)
IntellisenseIT infraMSWH (Construction ERP)
 
Resume_Sagar_4.5+Years
Resume_Sagar_4.5+YearsResume_Sagar_4.5+Years
Resume_Sagar_4.5+Years
 
evalmyBRAND-SGN.pptx
evalmyBRAND-SGN.pptxevalmyBRAND-SGN.pptx
evalmyBRAND-SGN.pptx
 
New resume Naveen (1)
New resume Naveen (1)New resume Naveen (1)
New resume Naveen (1)
 
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...
Replace Your Outdated Web Application with Web AppBuilder and Operations Dash...
 
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docx
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docxAssignment 2-2013 Final (5).docx8745 Software Systems Archit.docx
Assignment 2-2013 Final (5).docx8745 Software Systems Archit.docx
 
Haitham.Fahmi(05-02-2016)
Haitham.Fahmi(05-02-2016)Haitham.Fahmi(05-02-2016)
Haitham.Fahmi(05-02-2016)
 
Murali_Mohan-resume
Murali_Mohan-resumeMurali_Mohan-resume
Murali_Mohan-resume
 
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptx
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptxIndonesia Truck Entry Project Proposal (1) [Autosaved].pptx
Indonesia Truck Entry Project Proposal (1) [Autosaved].pptx
 
.NET Consulting Portfolio | ASP.NET Development Case Studies
.NET Consulting Portfolio | ASP.NET Development Case Studies.NET Consulting Portfolio | ASP.NET Development Case Studies
.NET Consulting Portfolio | ASP.NET Development Case Studies
 
Custom Software Development
Custom Software DevelopmentCustom Software Development
Custom Software Development
 
itsas
itsasitsas
itsas
 
CV MAY 2016- Aqeel Hadi AlSayegh
CV MAY 2016- Aqeel Hadi AlSayeghCV MAY 2016- Aqeel Hadi AlSayegh
CV MAY 2016- Aqeel Hadi AlSayegh
 
Resume
ResumeResume
Resume
 
WeiYapResume
WeiYapResumeWeiYapResume
WeiYapResume
 

Recently uploaded

The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data SciencePaolo Missier
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...FIDO Alliance
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftshyamraj55
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTopCSSGallery
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceSamy Fodil
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGDSC PJATK
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024Lorenzo Miniero
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfdanishmna97
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimaginedpanagenda
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!Memoori
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxFIDO Alliance
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...panagenda
 
CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)Wonjun Hwang
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxFIDO Alliance
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityVictorSzoltysek
 

Recently uploaded (20)

The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 

ITSS189 Azure Identity Management.pptx

  • 1. Implement AZURE Identity Management Multi-Factor Authentication (MFA)
  • 2. Azure Identity Management: Multi-Factor Authentication (MFA) •To improve account security and protect against phishing attacks, the Information and Innovation Office will be implementing Multi-Factor Authentication (MFA). MFA requires multiple forms of identity verification to secure the organization against security breaches in the event a user’s County login credentials are stolen or compromised. When logging in remotely, users will be required to complete an additional authentication step via a smart phone app, or phone call to verify their identity •Enable Multi-Factor Authentication for all County Users accessing Applications and Services Remotely •Phase 1: Outlook, Teams, SharePoint, OneDrive •Phase 2: VPN, VDI, other County provided applications which may support MFA Project Summary •Server Team •Security Team •ITSS Division of IT Department – Server Team, Network Team, Desktop Support Team, Technical Support Desk Team •IT Department – Everyone else in IT Department •Communications Pilot Groups •Configure and Enable MFA in environment, create Conditional Access and MFA Policies and Groups in Azure – Completed: 2/2020 •Enable MFA for Server Team to allow testing – Completed: 2/2020  11/2020 •Enable MFA for ITSS and Security Team to allow testing – Completed: 2/2021  4/2021 •In-Person Support / Training Workshops for Desktop Support and Technical Support Desk Teams – Completed: 4/2021 •Enable MFA for IT Department to provide final testing – Completed: 5/2021 •Enable MFA for Departmental Directors and key staff: Scheduled for September 2021 •Enable MFA County-Wide in a Department by Department Rollout beginning in September 2021  October 2021 •Phase 2 Apps will be enabled for MFA as the infrastructure dependencies are resolved – Late CY 2021 Project Schedule
  • 3. Azure Identity Management: Multi-Factor Authentication (MFA) • Email Templates and MFA User Guides have been developed • Meetings and Coordination with SDM’s will be held prior to Departmental Deployment • Communications and User Guides will be sent to end users, Department by Department, on a rolling basis • MFA Guides will be posted on COIN • Videos to assist with setup • MFA User Guides are targeted specifically to Apple or Android users depending on the type of device • A phone-only callback option guide is also available for users without smart phones Communications Plan • Remote Access will be granted via the following second forms of authentication: • Smart Phone based authentication app (Microsoft Authenticator App) • Phone Callback Authentication Methods • IT will schedule setup and assist with configuration with each of the Commissioner’s offices in person • Each District’s Commissioner and their aides will be configured at the same time, so all District staff can be done in a single visit • The County Administrator and ACA’s will be configured in person • In person assistance will be given to individual Department Directors, if requested • The Desktop Support Team will provide in person support VIP Handling
  • 4. Azure Identity Management: Multi-Factor Authentication (MFA) • Register user account with Microsoft MFA Service (open 1-3 weeks) • Technology Announcement Email: one week before MFA Registration begins • Scheduled Change Notification Email: The day before Registration begins, morning of, and every 3 days until registration period ends • User registers with the MFA Service by following step by step instructions in user guide • The Apple and Android email client is no longer supported. End users must transition to the Microsoft Outlook App • Note - Enable Save Contacts in Outlook App • User may contact Technical Service Desk if questions or issues • User must register with the MFA Service during the registration period or they will not be able to access applications remotely after MFA has been enabled for their department • MFA enabled for Department • Scheduled Change Notification Email: The three days prior to MFA being enabled, warning users that they will not be able to log in unless MFA registration has been completed • Will be prompted to MFA when accessing applications remotely • Users will be prompted on their phone or receive a phone call to approve the login End User Experience
  • 5. APR MAY JUN JUL AUG SEPTEMBER ITSS Deployment and Testing IIO Deployment and Testing County – Wide Departmental Deployment Planning and Initial Configuration – January 2020 to April 2020 • Identify requirements • Meet with Stakeholders to define project goals, requirements and timelines • Configure Azure Tenant for MFA • Configure Conditional Access Policies and Create Azure AD Groups for MFA Testing Pilot Group • Enable MFA for select ITSS Architects, Engineers and Security Team Staff IIO Deployment and Testing – May 2021 • Deploy to the remainder of the IIO Department • Deploy to Departmental Technical Liaisons • Thoroughly Test • Refine communications and user guides if necessary, based on feedback from users Finalizing Deployment Configuration – May 2020 to October 2020 • Refine Requirements • Refine and fine tune MFA Configuration and Settings in Azure Tenant • Project put on Hold due to COVID-19 • Continue testing for initial pilot group while project On Hold Departmental Deployments – September 2021 • Send initial Communications to Individual Departments a week before MFA Registration Opens • Send series of Communications to Individual Departments during MFA Registration Period • Support Departmental Users during MFA Registration Period • Enable Individual Departments on a rolling schedule • Enroll all support Vendor Accounts Deployment to ITSS – November 2020 to April 2021 • Resume Project • Finalize MFA Deployment Settings • Create Azure AD Group for Production MFA Deployment • Create and approve MFA User Guides • Create and approve Communications email templates • Enable MFA for all remaining ITSS Employees and IIO Security Team • Train Desktop Support and Technical Support Desk staff to support end users VIP MFA Registration – September 2021 • Coordinate with each Commissioner District and staff to Register and Enable MFA in person • Coordinate with the County Administrator, ACA’s and other 26th Floor staff to Register and Enable MFA in person • Department Directors and other identified VIP’s can be handled in-person based on guidance from Management or upon request Azure Identity Management: Multi-Factor Authentication (MFA) Communications Deployment and Testing
  • 6. Phase 1: Directors and Management County-Wide Deployment Schedule September 2021 Week 1 Week 2 Week 3 Week 4 Phase 1: County-Wide Deployment Phase 2: County-Wide Deployment Vendors Phase 2: BOCC – County Administrator
  • 7. County-Wide Deployment Schedule May IT Department Testing Phase 1: September 1 – September 15 Directors and Senior-Level Departmental Staff Phase 1: September 1 – September 15 Extension Services, Arts Council, Guardian Ad Litem, Economic Development, Childrens Board, Fleet, Pet Resources, Code Enforcement, Medical Examiner, Parks and Recreation, Conservation and Environmental Lands Management, Compliance Communities and Conservation, Soil and Water Conservation, Affordable Housing, Management and Budget, Procurement Services, Human Resources, Risk Management, County Attorney Phase 2: September 13 – September 27 Library Services, BOCC, Operations and Legislative Affairs, Government Relations & Strategic Services, Independent Performance Auditor, County Administrator, Facilities Services, Development Services, Head Start, Childrens Services, Aging Services, Sunshine Line, Social Services, Health Care Services, Veterans Services, Homeless Services, THHI, Emergency Management, 911 Agency, Emergency Dispatch, Fire Rescue, Public Works, Public Utilities