Passwordless

Securing Admin roles in Azure Active Directory

Tuesday, July 14, 2020

I’m going to continue my recent look at securing your Office 365/Azure AD directory with a quick dive into using Conditional Access rules to protect your directory’s most prized asset - accounts with admin roles. These are roles that can be used to accomplish admin tasks within your organisation’s Office 365/Azure AD and Azure estate and they are important because they are essentially the keys to the kingdom. While you should be looking to secure all your accounts because all your users probably have access to sensitive information, systems or services; admin accounts are the accounts that give their user access to your entire estate in one or two leaps.

Continue reading →

Using Passwordless for Office 365

Sunday, July 5, 2020

As the pace of attacks continues against companies who use online services, major IAM providers such as Microsoft and Okta are looking for ways to improve theirs and your security game. I was fortunate enough to attend the 2019 Okta forum in London and one of the drums Okta beat throughout the entire presentation was Passwordless Authentication. Microsoft are also recommending this as a major improvement to Office 365/Azure security even on top of MFA.

Continue reading →