New blog post: "Securing privileged user access with #AzureAD #ConditionalAccess and #IdentityGovernance"

Overview and considerations to enforce security controls for using #PAW, strong authentication and manage access for privileged roles based on tiering levels.

https://www.cloud-architekt.net/securing-privileged-access-conditionalaccess-governance/

New blog post: "Securing privileged user access with #AzureAD #ConditionalAccess and #IdentityGovernance"

Overview and considerations to enforce security controls for using #PAW, strong authentication and manage access for privileged roles based on tiering levels.

https://www.cloud-architekt.net/securing-privileged-access-conditionalaccess-governance/

I’ve recently finished an exciting strategic engagement with a well know retailer in the UK. The project focused on delivering a modern #iam strategy and roadmap. Key technologies included #pim #aad #entitlementmanagement #identitygovernance and #passwordless.

I’ve started a #blog that covers the journey. The first one is live on my site, if you fancy a read:

https://paulsanders.co.uk/tales-from-the-field-building-a-modern-iam-strategy/

For anyone trying to get their heads wrapped around best practices for role management in the identity and access management space, watch this pretty comprehensive 9:00 minutes video from #IBM Distinguished Engineer Jeff Crume on the topic.

#iam #identitymanagement #identitygovernance #ibmsecurity #cybersecurity #infosec

https://youtu.be/5v4v-MPoEOs

#AtzureAD Access Reviews include now also a machine-learning backed mechanism to improve the reviewers decision making.
„All“ you need is a well maintained #AAD.
Pretty cool addition!
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/introducing-machine-learning-based-recommendations-in-azure-ad/ba-p/2466923
But maybe the phrases AI /& machine-learning let you think it will make some really crazy opaque stuff. The more detailed explanation here shows that the logic behind is not sooo fancy. Makes sense!
https://learn.microsoft.com/en-us/azure/active-directory/governance/review-recommendations-access-reviews#user-to-group-affiliation-preview
#Identity #IdentityGovernance #MicrosoftEntra

Even if I start a project right now where we need to move away from #AzureAD #IdentityGovernance Access Packages, I'm nevertheless still convinced using Access Packages as a tool for Guest #Governance especially if you work with #msteams and other #m365 group resources.

Here I published an article which describes an detailed example of an Implementation for advanced guest handling in #Teams:

https://blog.thinformatics.com/2020/12/microsoft-teams-fulfill-advanced-guest-access-requirements/

Working on a comprehensive blog post about the recent feature in Microsoft #Entra #IdentityGovernance to manage lifecycle 🔄​ of privileged identities 👥​ in #AzureAD and #Azure. Lifecycle workflows are a great option for on- and off-boarding those cloud-only accounts. Stay tuned...