Identity and Access

Identity and Access Management Best Practices

Documentation

Five steps to securing your identity infrastructure – This document will help you get a more secure posture using the capabilities of Azure Active Directory by using a five-step checklist to inoculate your organization against cyber-attacks.

Azure Identity Management and access control security best practice – In this article, we discuss a collection of Azure identity management and access control security best practices. These best practices are derived from our experience with Azure AD and the experiences of customers like yourself.
Azure Security Documentation – Security is integrated into every aspect of Azure. Azure offers you unique security advantages derived from global security intelligence, sophisticated customer-facing controls, and a secure hardened infrastructure. This powerful combination helps protect your applications and data, support your compliance efforts, and provide cost-effective security for organizations of all sizes.
     White papers
     Technical overviews
     Best practices
Azure Security Services – Make sure to check this page on a regular basis to stay up-to-date on our security-related services and technologies.
Microsoft Services in Cybersecurity – Microsoft Services provides a comprehensive approach to security, identity and cybersecurity. Microsoft Services provides an array of Security and Identity services across strategy, planning, implementation, and ongoing support. These services can help Enterprise customers implement holistic security solutions that align with their strategic goals.

Securing Privileged Access to machines/services – Microsoft recommends you follow this roadmap to secure privileged access against determined adversaries. You may adjust this roadmap to accommodate your existing capabilities and specific requirements in your organization.

Privileged Identity Management – Securing privileged access is a critical first step to establishing security assurances for business assets in a modern organization. The security of most or all business assets in an organization depends on the integrity of the privileged accounts that administer and manage IT systems. Cyber-attackers are targeting these accounts and other elements of privileged access to rapidly gain access to targeted data and systems using credential theft attacks like Pass-the-Hash and Pass-the-Ticket.

Local Administrator Password Solution (LAPS) – For occasions when login is required without domain credentials, password management can become complex. LAPS simplifies password management while helping customers implement recommended defenses against cyberattacks. In particular, it mitigates the risk of lateral escalation that results when customers have the same administrative local account and password combination on many computers.
    Download LAPS kit

Blogs

Defending against illicit consent grants by Brandon Koeller – Office 365 Security has been tracking an emergent threat to customer data in the Office 365 cloud over the last year. This blog post is intended to help IT Administrators of Office 365 organizations detect, monitor, and remediate this threat. In its simplest form, the attack consists of an adversary creating an Azure registered application which requests access to customer data (contact information, email, documents, etc.), and then tricking an end user into granting that application consent to access their data through a phishing attack, or by injecting illicit code into a trusted website. Once the illicit application has been granted consent, it functionally has account-level access to data but without needing an actual account in the organization. Normal remediation steps like resetting passwords for breached accounts or requiring MFA on accounts are not effective since these third-party applications are external to the organization and leverage an interaction model which presumes the caller is automation, and not a human.
Software-as-a-Service Part 1 (Identity-as-a-Service) – Providing a prescription of steps to create and provide SaaS is an overwhelming endeavor, destined to sprawl and quickly become unwieldy. Yet companies need exactly this as they transition to the cloud. To answer this need, we identify some patterns and group them into related pillars. My intention in this series of posts is to showcase various applications demonstrating different aspects and patterns of Software-as-a-Service (SaaS) models.

White Papers & E-Books

Microsoft Azure Security Response in the Cloud – This white paper examines how Microsoft investigates, manages, and responds to security incidents within Azure. Other service-impacting issues that are not security incidents are addressed by a separate response plan (or business continuity plan), and will not be discussed in this paper.
A crash course in security management: the keys to a better security posture – The way you manage your data and device security is a top priority in an evolving cyberthreat landscape.
Protecting your organization and improving security management starts with three key requirements: Visibility that helps you understand the security state and risks across resources, Built-in security controls to help you define consistent security policies, Effective guidance to help elevate your security