While following “Securing your Identity”, I wanted to quickly go through conditional access and how it can benefit your organization, your data, and yourself. Conditional access was first introduced back in the ADFS days, using Claims Rules to justify user authentication into a web browser, app or VPN tunnel. More recently, CA has become very popular in the Microsoft world of business.

Policies are built on conditions such as machine compliance, SOX compliance, and identity-based security that force the MFA/2FA we spoke about in the last post. What this tool is known for is blocking attacks before they are even thought up. Let's say I am a user at Samuel Tech and my credentials were stolen. Unless the thief also has my registered device, there is no accessing the endpoint. It really is that simple logically. Now, with 50,000 users in a pool of 5 cloud hybrid tenants and an AD forest with multiple DCs, you have yourself a bit of a challenge… one would think. It is literally an on/off switch once your policies are configured.

Your users are in a pool of these configurations, assigned to different levels of access. One step further, let's discuss RBAC (Role-Based Access Control). RBAC is a way I personally like to manage my administrative and engineering staff. I create a custom role with specifics like Exchange Administrator, Global Reader, Teams Administrator, etc. Maybe he or she is my go-to and I just assign her/him the GA role and there is access to it all. I am not saying go make all your folks global admins. The world doesn’t need that. Instead, I am giving you multiple options to secure yourself, your data and, of course, your identity. Cloud integration is the most amazing technological level of security one could ask for, in my opinion. I don’t know about you guys, but I eat, sleep, and breathe security on a daily basis. I think everyone should! You read my last blog mentioning the Colonial Pipeline ransomware attack… this stuff can happen to any of us! I’ve learned in my career that you really, truly cannot be too careful.