Skip to content

Azure AD

How to keep an eye on your Teams with Log Analytics and Azure Monitor?

In my previous blog post, I wrote about the new Teams activity policy templates in Cloud App Security. A great addition to easily keep an eye on your teams. Let’s take a short look a the policies before we continue. The policies will create alerts when: a team’s access level is changed from private to public an external user is added to a team a user deletes a large number of teams These templates are easy to use, and will… 

Microsoft Secure Score Series – 06 – Enable policy to block legacy authentication

Today, most compromising sign-in attempts come from legacy authentication. Older office clients such as Office 2010 don’t support modern authentication and use legacy protocols such as IMAP, SMTP, and POP3. Legacy authentication does not support multi-factor authentication (MFA). Even if an MFA policy is configured in your environment, bad actors can bypass these enforcements through legacy protocols. In this blog post, we take a look at legacy authentication and how to block it on your tenant. Legacy protocols are not… 

Microsoft Secure Score Series – 05 – Enable self-service password reset

With self-service password reset in Azure AD, users no longer need to engage helpdesk to reset passwords. This feature works well with Azure AD dynamically banned passwords, which prevents easily guessable passwords from being used. In this blog post, we are going to take a look at Self Service Password Reset in Azure AD. Self Service Password Reset allows your users to quickly unblock their account without the help of IT staff or helpdesk. For readability, I use SSPR for… 

Microsoft Secure Score Series – 04 – Ensure all users can complete multi-factor authentication for secure access

Multi-factor authentication (MFA) helps protect devices and data that are accessible to these users. Adding more authentication methods, such as the Microsoft Authenticator app or a phone number, increases the level of protection if one factor is compromised. In this blog post, we take a look at the different ways to make sure that your users can register for multi-factor authentication. Enabling Multi-Factor Authentication is a no-brainer giving the fact that your identity is your key to almost all your… 

How to publish on-premises applications and protect them with MFA

Using Azure Application Proxy you can publish your on-premises web applications in a secure way. Combining this with Conditional Access, you can configure MFA for example. Now Coronavirus is hitting us hard, you might have to take a look at this feature. Assume the following use case: you have Citrix or RDS available for 50% of your users, so they can work from home or elsewhere. Now, because of the Coronavirus (or any future disaster), all of your employees have… 

Azure AD tenant branding; size does matter!

  • Azure AD
  • 3 min read

Earlier today, I read this article from Alex Simons about the change that is coming to the Azure AD sign-in experience. In this change the background image of the login screen is being replaced for a smaller one, so the page loads faster. Good news for the low bandwidth offices out there! The article states: If you’ve configured a custom background image in Company Branding for your tenant there is no change to your users. That got me thinking. When…