Minimizing who can access your data and when is one of the cornerstones of cybersecurity as it helps to decrease the chance of sensitive information falling into the hands of a malicious actor. It also protects data against being accidentally viewed (or even inadvertently leaked!) by an authorized user.

Because privileged user accounts hold higher levels of access than other user accounts, they need to be monitored more closely. PIM is a service in Azure Active Directory that allows you to restrict access in a variety of cool ways, from making it time-bound to implementing just-in-time access.

In her exploration of Privileged Identity Management in Azure Active Directory, Paula covers:

•     Assigning roles
•     Adding assignments
•     Giving global administrative rights to a user
•     Configuring limited time access that expires after a specified time
•     How to activate a role and monitor it using Assigned Admins

You’ll find more beginner-level episodes of CQ Hacks devoted to Azure Active Directory Security on the CQURE Academy blog.

Holiday time is approaching and we know that everyone loves to receive gifts! Especially at CQURE, the idea of sharing is close to us and we would like to invite you to our Great Racoon Giveaway Contest, where you will get a chance to win $3920-worth voucher for any of CQURE Academy Live Courses! 

Please click on the below banner to find out more about the contest:

The post Back to Basics: Using PIM in Azure Active Directory Security appeared first on CQURE Academy.

Identity Protection is a security feature in Azure Active Directory that helps to prevent, detect, and remediate identity risk in an organization. Using multiple detections, it monitors every login for identity compromise, sorting sign-ins into three categories of risk: low, medium, and high.

These risk ratings can be used to create automated user risk policies that balance employee productivity with corporate security. For example, multi-factor authentication can be set as a requirement for a sign-in that is high-risk.

Join Paula as she reviews the different policies in Azure’s Identity Protection (User Risk, Sign-in Risk, and MFA Registration) and explains how to:

•       Select which users you want to include in the policy
•       Exclude specific users (such as your ‘break-glass’ account so that you cannot be accidentally logged out of Azure Active Directory)
•       Specify risk levels as high, medium, or low in the User Risk section
•       Block access or allow access but require a password change in the Access section
•       Activate and enforce a policy that you have set up and configured

Paula shows how to monitor your organization for risky users and risky sign-ins in the Report section of Azure’s Identity Protection dashboard and takes you through how to delete the conditional access policies you create.

Discover what happens when a log-in to an organization’s Microsoft Office portal from a Tor browser is flagged as “something strange” by Azure AD’s Identity Protection. You’ll also learn how to mark identity as compromised if, for example, sign-ins have been made in two completely different locations using that identity.

Paula covers identity security from the perspectives of both the administrator and the user, giving a clear view of the steps an employee must take when their account has been identified as risky.

With this identity security lesson under your belt, you’ll be able to intelligently react to potentially dangerous situations.  Take a stroll around the CQURE Academy blog now for more Azure Active Directory security tips including ‘8 things to avoid’ in Azure AD.

Holiday time is approaching and we know that everyone loves to receive gifts! Especially at CQURE, the idea of sharing is close to us and we would like to invite you to our Great Racoon Giveaway Contest, where you will get a chance to win $3920-worth voucher for any of CQURE Academy Live Courses! 

Please click on the below banner to find out more about the contest:

The post Back to Basics: Identity protection in Azure Active Directory appeared first on CQURE Academy.