The credentials that you issue to your users identify them to Microsoft 365, and when combined with strong authentication methods like Multi-Factor Authentication, can be taken as proof positive that the person using them is whom they claim to be. Once their identity is established through authentication, Access Management takes over, using controls like Conditional Access to further assess the user. It takes into consideration factors such as geographical location, the device they are connecting from, the app they used to make the connection, time of day. All of these are used to decide if the user is authorized to access the requested resource.
We provide a Standard Identity as a Part of our SecureIT 365 Basic Identity Pack, we do have a more Comprehensive offering using which you get a higher level of Identity Protection. We can offer this for Hybrid Identity or Pure Cloud Identity.
The Identity and Access Premium Pack delivers the following services:
Multi factor Authentication : This service combines Password with second factor authentication. By doing so you are reducing the changes of Identity theft substantially.
Passwordless Authentication : This is a form of Multi-factor Authentication that replaces the password with a secure alternative.
Device Compliance
Conditional Access : Using Conditional access, Companies can ensure that no users, apps, or devices can access Microsoft 365 data unless they meet your company’s compliance requirements (performed multi-factor authentication, enrolled with Intune, using managed app, supported OS version, device pin, low user risk profile, etc.).
Enable Self Service Password reset : Self Service Password Reset (SSPR) is an Azure Active Directory (AD) feature that enables users to reset their passwords without contacting IT staff for help.
So, as is apparent from the above, the Identity and Access Premium Pack delivers a very high level of Identity and Access Service.
In addition to the above Identity based Security Services which can be deployed with both Microsoft 365 as well as Azure, we offer some additional Security Services specifically for Azure. Let’s look at them:
6. Azure Role based access control (RBAC)
Who has the Access ?
What type of Access ?
How Much ?
The above 3 questions are handled by Azure RBAC for an Azure Subscription. Let’s look at a few examples:
Allow one user to manage virtual machines in a subscription and another user to manage virtual networks
Allow a DBA group to manage SQL databases in a subscription
Allow a user to manage all resources in a resource group, such as virtual machines, websites, and subnets
Allow an application to access all resources in a resource group
Setting up these roles ensures that Azure Subscription remains very secure.
So, do get in touch with us for deployment of the same.
