Azure AD Premium Conditional Access and Session Controls

  Whether your end users are using Windows, MacOS, Chromebook, iOS/Android, etc. Azure Active Directory Premium conditional access with session control will limit access to data for SharePoint Online. What are Session controls? “Session controls enable limiting experience within a cloud app. The session controls are enforced by cloud apps and rely on additional information…

0

Microsoft Intune Data Warehouse

  When demonstrating Microsoft Intune I’m often asked about reporting and historical data.  Microsoft Intune now offers the ability to connect to Intune data and create reports either in Power BI or in your own reporting service or tool.  There’s even an Intune Data Warehouse API.  More details here: https://docs.microsoft.com/en-us/intune/reports-nav-create-intune-reports Fortunately there’s not a whole…

0

Windows 10: Intune + Windows BitLocker management? = Yes

  This week’s post is all about Windows BitLocker management with Microsoft Intune. When it comes to data protection, internal and external drive protection is important in the event a device is lost or stolen. In the past to manage Windows BitLocker we typically needed to create Group Policies or use System Center Configuration Manager…

0

Azure AD Connect Pass-Through Authentication – tracking sign-on activity with event viewer and Microsoft OMS

  Quick post today around Active Directory sign-on auditing when using AAD Connect Pass-Through Authentication.   Azure AD Connect Pass-Through Authentication (PTA) provides the ability to pass authentication off directly to domain controllers. When passwords are reset or changed they’re reflected in Azure AD immediately via Azure AD Connect sync. Additionally, self-service password reset (SSPR)…

0

Windows Information Protection Explained – Windows 10 Creators Update

  With the release of Windows 10 Creators Update there have been many enhancements to Windows 10. For this post, I’ll focus on an expanded feature that is only available in version 1703 (i.e. Creators Update). In Windows 10 version 1607 we released Windows Information Protection where devices that are enrolled with Microsoft Intune (or…

0

Azure AD Geolocation by sign-in activity using Power BI

  If you’re an Office 365 customer or even an Azure customer then you’re probably familiar with Azure Active Directory (or Azure AD).  Azure AD is the core identity provider that the majority of Microsoft services rely on for authentication.  For today’s post I thought it would be interesting to pull sign-in activity into Power…

0

Azure Active Directory + O365 Conditional Access Scenarios Explained

Hi everyone, with all the cross integration between Azure Active Directory and Office 365 it time to explain these conditional access in detail.  While Office 365 offers a level of controls by service, Azure Active Directory and Microsoft Intune can come over the top of those services an provide further controls or leverage conditional access…

0

Windows Server Network Policy Server + Azure AD NPS Extension = VPN + Azure MFA

  On February 6, 2017, the Microsoft Azure AD team announced the public preview of Azure MFA cloud based protection for on-premises VPNs. This is facilitated via a downloadable extension that integrates directly with the Windows Server Network Policy Server (NPS) role.   With the NPS Extension for Azure MFA, which is installed as an…

0

Azure AD Security – Protect Those Accounts, Services, and Audit Access!

Everyday I’m asked questions about Enterprise Mobility + Security as well as other Microsoft services. I’m also asked how we can provide single-sign on to SaaS and on-premises applications using Azure AD Premium. What surprises me though is how few organizations ask me about providing additional protection layers to protect accounts as well as the…

0

Azure Information Protection… a log journey

  Azure Information Protection (AIP) provides the ability to protect and classify information. For example, AIP policies can be created and used to classify, label, and protect data from leaking such as credit card numbers, social security numbers, or classify, label, and protect based off key words and so on. For this post, I will…

0