Enhance security, simplify access and set smart policies with a single identity platform

Last updated: 18th April 2019

Azure Active Directory Premium P2

Azure Active Directory, Microsoft’s multi-tenant, cloud-based directory and identity management service, provides an easy-to-use solution to give your staff single sign-on access to thousands of cloud applications from Microsoft and other software vendors. Azure Active Directory Premium P2 (AADP P2), the most fully featured version of Azure AD, includes all the functions of P1 plus the two services described below.

 

Azure AD Identity Protection – provides you:

  • A consolidated view into risk events and potential vulnerabilities affecting your organisation’s identities
  • An ability to automatically block or offer adaptive remediation actions

 

Azure AD Privileged Identity Management – enables you to:

  • See which users are Azure AD administrators
  • Enable “just-in-time” administrative access to Office 365 & Intune
  • Get reports about administrator access history & changes to administrator assignments
  • Get alerts about access to a privileged role

 

Why use it?

These days, businesses are moving away from traditional IT deployments and towards cloud deployments, with an increase in mobile applications. This means that traditional defence mechanisms, which are designed with traditional IT setups in mind, may no longer be suitable and may not provide enough security.

A typical modern-day IT environment allows users to access data on any device and on any network, to share data with whom they want and how they want, and to use cloud-based applications, each with its own means of authentication and authorisation. Taking all this into account, IT teams can have little-to-no visibility of or control over how end users carry out their day-to-day work.

With no clear edge to a network, traditional firewalls and intrusion detection systems are not much use. Instead, security services need to be dynamic and adapt to the ever-changing IT environment.

 

How do these services help protect your organisation?

Microsoft has access to a vast amount of data sources, such as web indexes/crawls, emails, authentications, and many more. They have combined all these sources to create what they call the Intelligent Security Graph. This graph forms the basis of the two security services offered by AADP P2.

 

Identity Protection uses the graph to:

  • Gain insights – It can see and gather data from the internet to identify trends very early on.
  • Make remediation recommendations – It can learn a user’s ‘normal’ behaviour so that potential issues can be identified and dealt with before they even happen.
  • Assign risk-severity calculations – It can spot the use of leaked credentials, user lock-out events and sign-ins from infected devices, unfamiliar locations and anonymous/suspicious IP addresses.
  • Grant risk-based conditional access – It can detect suspicious logins and compromised credentials and can act by applying your risk-based policies, including multi-factor authentication challenges for risky logins, change of bad credentials and blocking attacks.

Identity Protection doesn’t just rely on being monitored. It actively provides notifications and data extractions, and gives access to reporting APIs which can feed back into your existing Security Information and Event Management (SIEM) systems, monitoring tools and even Microsoft PowerBI.

 

Privileged Identity Management
It helps by allowing protection to be added for your most important users, for example those with access to the business’ most important/sensitive systems and/or data. It can allow ‘just-in-time’ or ‘time-limited’ activation of privileged roles as and when needed.

There is an automated workflow with Privileged Identity Management where users can be granted elevated access for tasks when required, using multi-factor authentication. Privileges are then revoked after a pre-determined amount of time.

Privileged Identity Management is based on how Microsoft run their own systems, such as Outlook.com, Xbox, Office 365 and Azure. Microsoft use this ‘time-limited’ procedure themselves when they need to gain access to their customers’ Office 365 subscriptions. Now they are giving their customers access to this service in order to provide them with the same identity security capabilities as they have, even with non-Microsoft services and software.

 

Azure Active Directory Premium P2 is now available in the new Microsoft 365 security suite – Identity & Threat Protection
This new package brings together security value across Office 365, Windows 10, and EM+S in a single offering. It includes best-of-breed advanced threat protection services, including Microsoft Threat Protection (Azure Advanced Threat Protection (ATP), Microsoft Defender ATP, and Office 365 ATP including Threat Intelligence), as well as Microsoft Cloud App Security and Azure Active Directory.

 

Also available – New Microsoft 365 Compliance package – Information Protection & Compliance
This new package combines Office 365 Advanced Compliance and Azure Information Protection. It’s designed to help compliance and IT teams perform ongoing risk assessments across Microsoft Cloud services, automatically protect and govern sensitive data throughout its lifecycle, and efficiently respond to regulatory requests leveraging intelligence.
