Posted September 6, 20231 yr Today, we are excited to announce the general availability of Conditional Access overview dashboard and templates. Conditional Access protects thousands of organizations across the globe daily and customers often ask us about best practices and how to improve security coverage. Conditional Access overview dashboard and templates empower Microsoft Entra ID customers to gain insights into their security posture, assess the impact of individual policies, and simplify deployment of Microsoft’s recommendations. I’ve invited Krishna Venkit and Lisa Huang-North, product managers on the Identity Security team to share more details about these two features. Best Regards, Nitika Gupta Group Product Manager, Identity Security Microsoft Identity Division ------------------------------------------------------------ Hi everyone! The Conditional Access overview is a built-in dashboard that offers a comprehensive view of your Conditional Access posture. As an administrator, it provides a concise summary of your policies, identifies any gaps in your policy coverage, and provides valuable insights based on sign-in activity within your tenant. This feature enables you to swiftly pinpoint areas where you can enhance the enforcement of Zero Trust principles, ultimately bolstering your defense mechanisms. Figure 1 Conditional Access overview The dashboard is now the default landing page of Conditional Access. As the first entry point into Conditional Access, the overview page lets you quickly create new policies using one of the Conditional Access templates which capture commonly used policies and best practices. The dashboard also offers the following insights and reporting capabilities: The “See all unprotected sign-ins” link under the Users tile helps you rapidly identify users that are signing in without the protections of a Conditional Access policy. Figure 2 Sign-ins without CA coverage during the last 7 days The ‘See all non-compliant devices’ and ‘See all unmanaged devices’ links under the Devices tile help you identify device compliance gaps. Figure 3 Non-compliant devices You can discover the top 10 most accessed apps without Conditional Access coverage using the coverage tab and go one step further and identify the users without coverage for that app by clicking on the numbers in the ‘Users without coverage’ column. Figure 4: Top accessed applications without CA coverage You can discover security alerts generated based on sign-in activity in your tenant and take quick action on the alerts by deploying recommended zero trust conditional access policies using the Conditional Access templates. Speaking of which, let’s take a brief walkthrough of Conditional Access templates. Conditional Access templates are a pre-defined set of conditions and controls that provide a convenient method to deploy new policies aligned with Microsoft recommendations. Customers are assured that their policies reflect modern best practices for securing corporate assets, promoting secure, optimal access for their hybrid workforce. Conditional Access templates are organized across five scenarios: Secure foundation Zero Trust Remote work Protect administrators Emerging threats Organizations can choose from 16 predefined Conditional Access templates based on their specific needs. Here is an example! With the “Require phishing-resistant multifactor authentication for admins” Conditional Access template, customers can reduce the risk of compromise and phishing attacks on privileged users. This powerful template uses Conditional Access authentication strengths to help you choose the right authentication method requirements for specific scenarios, making it easier than ever for organizations to move their most critical users towards more secure, modern, and strong authentication. Figure 5: Conditional Access template - Require phishing-resistant multifactor authentication for admins Learn more about the Conditional Access overview dashboard: What is Conditional Access in Azure Active Directory? - Microsoft Entra Learn more about Conditional Access templates: Secure your resources with Conditional Access policy templates - Microsoft Entra Tell us what you think Give it a try and let us know if you have questions or feedback at https://aka.ms/AzureADFeedback. We hope you will love it as much as we do! Krishna Venkit Product Manager Microsoft Identity Division Lisa Huang-North (@lisaychuang), Senior Product Manager Microsoft Identity Division Learn more about Microsoft identity: Get to know Microsoft Entra – a comprehensive identity and access product family Return to the Microsoft Entra (Azure AD) blog home Join the conversation on Twitter and LinkedIn Share product suggestions on the Entra (Azure AD) forum Continue reading...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.