Azure Identity Management and access control security best practices
Many consider identity to be the new boundary layer for security, taking over that role from the traditional network-centric perspective. This evolution of the primary pivot for security attention and investments come from the fact that network perimeters have become increasingly porous and that perimeter defense cannot be as effective as they once were prior to the explosion of BYOD devices and cloud applications.
Microsoft has done a lot to help in this regard in Azure. They have published an article on Azure identity management and access control security best practices that covers key items like:
Centralizing your identity management
Enabling Single Sign-On (SSO)
Deploying password management
Enforcing multi-factor authentication (MFA) for users
Using role based access control (RBAC)
Controling locations where resources are created using resource manager
Guiding developers to leverage identity capabilities for SaaS apps
Actively monitoring for suspicious activities
I've been a big fan of IAM for years. With some of Microsoft's latest enhancements tied into Azure AD you can get it all in one place these days. This wasn't the case even a year ago, when their SSO, MFA and Password management is first class citizens in everything in the cloud. Check out the article to see how.