This document provides an overview of Microsoft threat protection and Azure Active Directory (Azure AD) security features. It discusses Azure AD architecture and features like single sign-on and self-service password reset. It also covers Azure AD conditional access policies for securing access based on conditions like location, device compliance, and multi-factor authentication. Finally, it summarizes features for identity protection, detecting risky users and sign-ins, and enabling smart lockout and password protection.
2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Tagrerout
4. Agenda
Microsoft Threat Protection
• Introduction
• Azure Active Directory
Architecture
• Azure AD Deep Dive
• AAD Connect
• Authentication
Conclusion
• Best practices
Azure AD and security
• Azure MFA Conditional Access
• Identity Protection
• Smart Lock & password protection
• Azure Application Proxy
5. Microsoft Threat Protection
◦ Unified model
◦ Several services
◦ All the vectors of an information system
"With one model I will be able to secure my information system on every front"
9. Azure AD
Azure Active Directory (Azure AD) is a service in Azure for managing directories and identity; it gives users single sign-on to multiple cloud applications and services.
◦ Authentication
◦ Management
◦ Access control
◦ Consumption
Example:
Use of Office 365 services
10. EMS
Intune
Protect your users, devices, and apps
Azure Active Directory
Microsoft Cloud App Security
Detect threats early with visibility and threat analytics
Advanced Threat Analytics
Azure Information Protection
Protect your data, everywhere
11. Features P1
• Directory Objects: No Object Limit
• User/Group Management (add/update/delete). User-based provisioning, Device registration: Available
• Single Sign-On (SSO). Free, basic tiers + self-service app integration templates: No Limit
• B2B Collaboration: Available
• Self-Service Password Change for cloud users: Available
• Connect (Sync engine that extends on-premises directories to Azure Active Directory): Available
• Security/Usage Reports: Advanced Reports
• Group-based access management/provisioning: Available
• Self-Service Password Reset for cloud users: Available
• Company Branding (Logon Pages/Access Panel customization): Available
• Application Proxy: Available
• SLA: Available
Premium Features
• Advanced group features: Available
• Self-Service Password Reset/Change/Unlock with on-premises writeback: Available
• Device objects 2-way sync between on-premises directories and Azure AD (Device write-back): Available
• Multi-Factor Authentication (Cloud and On-premises (MFA Server)): Available
• Microsoft Identity Manager user CAL: Available
• Cloud App Discovery: Available
• Connect Health: Available
• Automatic password rollover for group accounts: Available
• Conditional Access based on group and location: Available
• Conditional Access based on device state (Allow access from managed devices): Available
• 3rd party identity governance partners integration: Available
• Terms of Use: Available
• SharePoint Limited Access: Available
• OneDrive for Business Limited Access: Available
• 3rd party MFA partner integration Preview: Available
• Microsoft Cloud App Security integration: Available
Identity Protection
• Detecting vulnerabilities and risky accounts:
  ◦ Providing custom recommendations to improve overall security posture by highlighting vulnerabilities
  ◦ Calculating sign-in risk levels
  ◦ Calculating user risk levels
• Investigating risk events:
  ◦ Sending notifications for risk events
  ◦ Investigating risk events using relevant and contextual information
  ◦ Providing basic workflows to track investigations
  ◦ Providing easy access to remediation actions such as password reset
• Risk-based conditional access policies:
  ◦ Policy to mitigate risky sign-ins by blocking sign-ins or requiring multi-factor authentication challenges
  ◦ Policy to block or secure risky user accounts
  ◦ Policy to require users to register for multi-factor authentication
Advanced Identity Governance
• Privileged Identity Management (PIM)
• Access Reviews
Only in Azure AD P2
What is the difference between Azure AD P1 & P2?
18. Extending my AD to Azure AD
Hybrid identities: extending your on-premises AD to Azure AD
• Why? ➔ equation: several applications for one single identity
How do you move to hybrid identity?
✓ Know the requirements
✓ For which uses?
✓ The strategy and the roadmap
✓ The existing environment:
✓ Authentication method in use
✓ Determine whether cloud services are in use
✓ Determine whether federation is in place and identify the reasons
✓ Kerberos-based (SSO)
✓ Authentication of users outside the company with SAML
✓ Etc.
22. Microsoft Secure Score
28. [Diagram: Conditional Access]
Labels: Corporate Network; Geo-location; Microsoft Cloud App Security; MacOS, Android, iOS, Windows; Windows Defender ATP; Client apps, Browser apps; Google ID, MSA, Azure AD, ADFS
Conditions: Employee & Partner Users and Roles; Trusted & Compliant Devices; Physical & Virtual Location; Client apps & Auth Method
Policies: Real time Evaluation Engine; Machine learning; Session Risk; Effective policy
Controls: Require MFA; Allow/block access; Block legacy authentication; Force password reset; Limited access
29. Conditional Access
LESSONS FROM THE FIELD
NO SIGN-IN FOR ANY DEVICE THAT IS NOT IN AZURE AD AND IN INTUNE
SCOPE: ALL USERS
◦ WHAT DO YOU THINK WILL HAPPEN?
30. Conditional Access
EXAMPLE:
• REQUIRE MFA
• DENY READ ACCESS FOR STANDARD USERS
• DENY ACCESS IF THE DEVICE IS NOT MANAGED / NOT COMPLIANT
• REQUIRE MFA IF THE USER IS IN A RISKY COUNTRY
• BLOCK ALL SIGN-INS FROM A BROWSER
◦ CHECK WITH WHAT IF BEFORE GOING TO PRODUCTION!
31. Conditional Access
BEST PRACTICES:
• USE IT!
• TRUST LOCATIONS
• TRUST IP RANGES
• WHAT IF: TAKE CARE BEFORE PRODUCTION
• THINK ABOUT EXCLUSIONS (IMPORTANT)
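The lockout question on slide 29 and the "check with What If" and "think about exclusions" advice on slides 30 and 31 can be reproduced offline. The following is an added example, not part of the original deck and not Azure AD's evaluation engine: a simplified model in which the policy layout, the field names, the `emergency-access` group and the `ZZ` country code are all assumptions.

```python
# Added illustration: a simplified "what if" evaluator for Conditional Access.
# The policy layout, field names and sample data are assumptions made for this
# example; this is not Azure AD's evaluation engine or its policy schema.

def applies(policy, signin):
    """Return True when the policy's user scope and conditions match the sign-in."""
    users = policy["users"]
    groups = set(signin["groups"])
    included = ("All" in users.get("include", [])
                or signin["user"] in users.get("include", [])
                or bool(groups & set(users.get("include_groups", []))))
    excluded = (signin["user"] in users.get("exclude", [])
                or bool(groups & set(users.get("exclude_groups", []))))
    if not included or excluded:
        return False
    cond = policy.get("conditions", {})
    if "client_apps" in cond and signin["client_app"] not in cond["client_apps"]:
        return False
    if "countries" in cond and signin["country"] not in cond["countries"]:
        return False
    # A policy may skip sign-ins that come from trusted locations / IP ranges.
    if cond.get("exclude_trusted_locations") and signin["trusted_location"]:
        return False
    return True


def what_if(policies, signin):
    """Combine every applicable policy and report the outcome for one sign-in."""
    applied = [p for p in policies if applies(p, signin)]
    controls = {c for p in applied for c in p["grant"]}
    if "block" in controls:
        outcome = "blocked"
    elif "compliant_device" in controls and not signin["device_compliant"]:
        outcome = "blocked"        # cannot be satisfied during the sign-in
    elif "mfa" in controls:
        outcome = "mfa_required"   # can be satisfied by completing MFA
    else:
        outcome = "granted"
    return {"outcome": outcome, "policies": [p["name"] for p in applied]}


def locked_out(policies, scenarios):
    """Users who end up blocked in every scenario listed for them."""
    results = {}
    for s in scenarios:
        results.setdefault(s["user"], []).append(what_if(policies, s)["outcome"])
    return sorted(u for u, outcomes in results.items()
                  if all(o == "blocked" for o in outcomes))


def signin(user, groups, compliant, country="FR", trusted=False, app="browser"):
    """Build one constructed sign-in scenario."""
    return {"user": user, "groups": groups, "device_compliant": compliant,
            "country": country, "trusted_location": trusted, "client_app": app}


# Slide 29 policy: managed/compliant device required, scope = all users, no exclusion.
REQUIRE_MANAGED = {"name": "Require managed device",
                   "users": {"include": ["All"]},
                   "grant": ["compliant_device"]}
# Same policy with an exclusion for a (hypothetical) emergency-access group.
REQUIRE_MANAGED_FIXED = {**REQUIRE_MANAGED,
                         "users": {"include": ["All"],
                                   "exclude_groups": ["emergency-access"]}}
# Slide 30 example: require MFA from a risky country ("ZZ" is a placeholder).
MFA_RISKY_COUNTRY = {"name": "MFA from risky country",
                     "users": {"include": ["All"]},
                     "conditions": {"countries": ["ZZ"]},
                     "grant": ["mfa"]}

# Constructed scenarios to run before the policy set goes to production.
SCENARIOS = [
    signin("alice", ["staff"], compliant=True),
    signin("alice", ["staff"], compliant=False, app="mobile"),
    signin("breakglass", ["emergency-access"], compliant=False),
    signin("bob", ["staff"], compliant=True, country="ZZ"),
]

if __name__ == "__main__":
    for label, managed in (("no exclusion", REQUIRE_MANAGED),
                           ("with exclusion", REQUIRE_MANAGED_FIXED)):
        policy_set = [managed, MFA_RISKY_COUNTRY]
        print(label, "-> locked out:", locked_out(policy_set, SCENARIOS))
        for s in SCENARIOS:
            print("  ", s["user"], s["client_app"], what_if(policy_set, s))
```

With no exclusion the emergency account is blocked in its only scenario; with the exclusion in place no user is blocked everywhere, while ordinary users on unmanaged devices are still refused.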
32. Conditional Access
WHAT'S NEW SINCE IGNITE 2018
• BLOCK LEGACY AUTH
• BLOCK LEGACY PROTOCOL (POP AND IMAP)
• RBAC: GRANULAR
• LIMIT ACCESS AT THE DATA CLASSIFICATION LEVEL
• LIMIT ACCESS FOR OWA
34. Azure Identity Protection
6 RISK EVENTS:
- SUSPICIOUS USERS: OFFLINE
- SIGN-IN FROM UNKNOWN / ANONYMOUS IPs: REAL TIME
- SIGN-IN FROM UNKNOWN LOCATIONS: REAL TIME
- SIGN-IN FROM AN INFECTED DEVICE: OFFLINE
- SIGN-IN FROM AN UNUSUAL LOCATION: OFFLINE
- SIGN-IN FROM AN IP WITH SUSPICIOUS ACTIVITY: OFFLINE
35. Azure Identity Protection
DETECTION TYPE:
RISK LEVEL: HIGH – MEDIUM – LOW
Real time: 5 to 10 minutes
Offline: 2 to 24 hours
42. CONCLUSION
FOLLOW THE MICROSOFT SECURE SCORE
ENABLE PTA:
• ENABLE SEAMLESS SSO
AZURE MFA
• TRUST IPs AND LOCATIONS
• CONDITIONAL ACCESS
IDENTITY PROTECTION:
• REMEDIATION POLICY
• ENABLE MFA FOR EVERYONE BASED ON LOCATION
• REPORTING
• DEVICE
• USER RISK – SIGN-IN – LOCATION – IP
• PASSWORD:
• ENABLE SELF PASSWORD - SMART LOCKOUT – PASSWORD PROTECTION
• AZURE APPLICATION PROXY