Microsoft Azure Active Directory, or AAD, is an IDaaS (Identity as a Service) offering that helps you manage corporate identities in the cloud. In this blog series, we're taking a look at the primary AAD features that you'll use to get your ID management up and running for Azure cloud services.
In Part 1 we discussed Connect, Single-Sign On, and Multifactor Authentication. You can also find a table of AAD pricing on that post. Remember, this series is not a deep dive into AAD configuration, but rather an overview of key features. Depending on your SKU you may or may not have access to all of these features.
Part 2 includes Self Service Password Resets, Identity Protection, Conditional Access, and Privileged Identity Management. These features help you control access and maintain security and compliance protocol across your enterprise cloud.
A Network Policy Server is Microsoft implementation of a RADIUS server that performs authentication, authorization, and accounting for remote VPN connections. Network policies are defined by network administrators to use conditions, settings, and constraints in order to determine who can connect to the network.
I was recently involved in reviewing the existing VPN solution and then deploying another solution for a client. Here are some common mistakes I found made when configuring these policies.
Let’s get this out of the way first: two factor authentication is an effective mode of account verification and far, far better than a simple username and password (single factor) authentication method. But it isn’t a magic bullet and can be overcome, especially with clever social engineering (unsurprisingly, the weakest link in security remains people rather than technology). Ultimately, 2FA is only as secure as the method and technology or product used to secure it.
Here’s how 2FA can be overcome by determined hackers and how you can best maintain account integrity across your organization or personal accounts.
A new report from Deloitte found that IT spending is on the rise, with executives taking a more hands-on role in procuring or ordering investment in technology and related staff. But while 57% of execs reported spending more on technology, 33% said they have little or no formal IT governance policies.
If it seems slightly foolish to spend significantly more on technology without certifying a business purpose and implementing controls over the lifespan of that technology — well, it is. The report does come with the caveat of polling only midmarket and private organizations. We would expect more public businesses to have formal IT governance in place. But that doesn’t excuse organizations of all sizes from measuring the effectiveness of IT in meeting business and compliance goals.
Get started with an overview of IT governance and what you should include in your policy.
Why do companies do this with software?
The concept sounds crazy. Logic says that you lease a car, start to drive it immediately, and continue to drive it for the lease term. Yet with Microsoft software, even cloud-based software like Azure, O365, Dynamics CRM, and Windows 10, companies continue to buy SaaS offerings on their traditional Enterprise Agreements (EAs) and pay for them before they start to use them.
With any migration or upgrade, challenges will arise. Windows 10 migration is no different – so be prepared.
As cloud adoption rates have increased and cloud models for enterprise IT mature, multicloud deployments have become more and more popular. They happen for a variety of reasons: some cloud platforms are better suited for specific applications, others may have security or compliance measures that are necessary. They might be located in different physical sites, fostering failover and disaster recovery or serving satellite markets. For many users, avoiding being locked in with a single vendor is huge for negotiation and data sovereignty.
Going multicloud isn’t a simple task, however, especially if you want to manage everything with a simple workflow. Here are the biggest stumbling blocks companies are facing when implementing multicloud.
The most common type of Artificial Intelligence (AI) today is process automation, often referred to as Robotic Process Automation (RPA). Many IT guys (and, if you will, gals) fear that process automation will make their jobs disappear.
With all the talk about digital transformation and IT modernization, you’d think that everyone was all-in with the cloud at this point. But there are many legacy systems still in production, even at enterprise organizations.
Regardless of why you still have them, there are almost certainly legacy systems within your IT ecosystem, and keeping them secure is of paramount importance, especially if they’re past their support lifecycle and have become exposed to potential vulnerabilities.
Let’s be honest, most of us who play individual games like golf are cheaters. We don’t play by the rules of the game 100% of the time. OK, labelling ourselves cheaters may be a harsh indictment of our collective scorekeeping.