In the last couple of months, Microsoft released new functionality for Azure AD Conditional Access. All of this functionality is still in public preview, so please read the following article on what to expect from Preview functionality: Preview Terms Of Use | Microsoft Azure In these series of articles I will go through the following…
Category: Security
Conditional Access public preview functionality reviewed (22H2) – Part 1: Authentication Strength
In the last couple of months, Microsoft released new functionality for Azure AD Conditional Access. All of this functionality is still in public preview, so please read the following article on what to expect from Preview functionality: Preview Terms Of Use | Microsoft Azure In these series of articles I will go through the following…
Conditional Access announcements from Ignite November 2021 reviewed
During the Microsoft Ignite conference in November 2021 Microsoft made several announcements related to Azure AD conditional access. You can read those announcements in the following article: “Identity at Ignite: Strengthen resilience with identity innovations in Azure AD“. And this morning Thomas Naunheim, tweeted that he saw the announced functionality appear within his tenant. Time…
Continuous Access Evaluation configuration is now part of Conditional Access
While browsing through the options in my Conditional Access policies I noticed a new session related to Continuous Access Evaluation (CAE). Time for a blogpost on my findings. Continuous access evaluation allows for a quicker response by forcing an access token refresh in case of a certain events taking place. In October last year I…
October 2021 update of the conditional access demystified whitepaper and workflow cheat sheet
I’m proud to announce the October 2021 update of my Conditional Access demystified whitepaper. With this release, we have reached the fourth iteration of the whitepaper and accompanying files. I released the first version in in August 2019 after writing several blogposts on the subject. In May last year I released the second version containing…
Control Azure AD Conditional Access policy behavior during an Azure AD outage
In December last year, Microsoft announced that per April 1, 2021 they updated their service level agreement(SLA) for Azure AD user authentication from 99.9% to 99,99%. While this might seem like a small update in reality it makes a difference of 473 minutes (in a year with 365 days). With 99.9% the allowed downtime was…
Using Mozilla Firefox as a browser when using Azure AD Conditional Access on your Modern Workplace
Starting with Firefox version 91, Mozilla is now supporting Single sign-on support (SSO) and device-based Conditional Access as announced by Microsoft in the What’s new in Azure Active Directory for August 2021. The feature is still in Public Preview from a Microsoft point of view, and considered Advanced and experimental from a Mozilla point of…
Preventing account breaches leveraging SIM swapping techniques by nudging your users to start using the Microsoft authenticator app
The last couple of years, Microsoft has been pushing the usage of Multi Factor Authentication for logins to their Cloud Services. MFA, which requires that users authenticate with at least two factors, can reduce the risk of identity compromise by as much as 99.9 percent over passwords alone. Now that more and more companies are…
Announcing #WPNinjasNL Tuesdays Webinar #28, Tuesday July 6, featuring Jeremy Moskowitz
Our # WPNinjasNL “Live – Ask us Anything” session planned for Tuesday June 29 has been rescheduled to Monday July 5th, you can still join the recording of this meeting with special guests John Gruszczyk, Product Manager at Microsoft and Stephen Rose Product Evangelist at Microsoft about Teams and Security by RSVP’ing on our meetup…
My session about Conditional Access at the Microsoft 365 Security & Compliance User Group on June 30, 2021
On Wednesday June 30, I spoke at the monthly user group meeting of the Microsoft 365 Security & Compliance user group. The Microsoft 365 Security & Compliance user group is based in the UK and UK based user group consists of Alan Eardley (@al_eardley) and Peter Rising (@M365Rising) The meeting will started with a very…
A first look at Azure AD Conditional Access authentication context
During Microsoft Ignite in March this year, Microsoft announced several new upcoming functionalities for Azure Active Directory. One of the announcement was the Azure AD Conditional Access authentication context, for which I that time I already wrote about what it could do in my blog article: Modern Workplace Management key takeaways from the Microsoft Ignite…
Announcing #WPNinjasNL Tuesdays Webinar #27 (Tomorrow), Tuesday June 22, featuring Peter Daalmans
For Tuesday, June 22 (yes, thats Tomorrow) we are proud to announce that our very own Peter Daalmans, Microsoft MVP Enterprise Mobility will host a session about: Ten practical tips to secure your corporate data with Microsoft 365 – 201906 edition Session abstract: Employees demanding access to your corporate data and apps on their often…
Our session about Modern Authentication at the May 2021 meetup of the Microsoft Cloud and Client Management Community #MC2MC
Yesterday, on Thursday May 27, Erik Loef and I delivered a session at the May virtual event of the Microsoft Cloud and Client Management Community. The Microsoft Cloud and Client Management Community is a Belgian community with the following members: Tim de Keukelaere, Wim Matthyssen, Tim Hermie, Ken Goossens, Jasper Bernaers, Peter de Tender, Peter…
A first look at using Filters for devices as conditions in Azure AD Conditional Access policies
Earlier this month I wrote an article about using filtering in assignments for apps, compliance policies and configuration profiles in Microsoft Endpoint Manager. And now Microsoft has made available a preview of “Filters for devices” for use in your Azure AD Conditional Access policies. Because this functionality is provided as a preview there is no…
A first look at expediting Windows 10 Quality Updates when using Windows Update for Business and Microsoft Endpoint Manager
During Microsoft Ignite, Microsoft announced the option to bypass pre-configured Windows Update for Business policies to immediately deploy a security update across your organization when emergencies arise as part of their Windows Update for Business deployment service. Today, Microsoft has made available a preview of possibility to expedite the installation security patches as part of…