• Dana Epp

Azure Identity Management and access control security best practices

Many consider identity to be the new boundary layer for security, taking over that role from the traditional network-centric perspective. This evolution of the primary pivot for security attention and investments come from the fact that network perimeters have become increasingly porous and that perimeter defense cannot be as effective as they once were prior to the explosion of BYOD devices and cloud applications.

Microsoft has done a lot to help in this regard in Azure. They have published an article on Azure identity management and access control security best practices that covers key items like:

  • Centralizing your identity management

  • Enabling Single Sign-On (SSO)

  • Deploying password management

  • Enforcing multi-factor authentication (MFA) for users

  • Using role based access control (RBAC)

  • Controling locations where resources are created using resource manager

  • Guiding developers to leverage identity capabilities for SaaS apps

  • Actively monitoring for suspicious activities

I've been a big fan of IAM for years. With some of Microsoft's latest enhancements tied into Azure AD you can get it all in one place these days. This wasn't the case even a year ago, when their SSO, MFA and Password management is first class citizens in everything in the cloud. Check out the article to see how.