Implementing Azure Conditional Access Policies for Geographic Security

Understanding Geographic-Based Access Controls

Geographic-based access controls are crucial for organizations looking to maintain compliance with international regulations or to enhance security by removing some low-hanging fruit. One specific use case is blocking access from OFAC-sanctioned countries while allowing access from trusted locations.

Implementation Steps

1. Create a Report-Only Policy

First, create a policy in report-only mode to assess impact:

Navigate to Azure Portal > Azure AD > Security > Conditional Access
Create a new policy
Configure the following settings:
  Users and groups: All users
  Cloud apps or actions: All cloud apps
  Conditions: Locations > Configure > Selected locations
  Access controls: Block access
  Enable policy: Report-only

2. Configure Location Conditions

Create a list of blocked locations: ...

2 min · Me

Securing Azure Entra ID: Essential Security Measures for Enterprise

Introduction

Securing Azure Entra ID (formerly Azure AD) is crucial for maintaining a robust security posture. This post covers essential security measures and how to implement them effectively.

Cleaning Up App Registrations

Identifying Unused Applications

First, identify app registrations with expired credentials:

# Get app registrations with expired secrets/certificates
Get-AzureADApplication | Where-Object {
    $_.PasswordCredentials.EndDate -lt (Get-Date) -or
    $_.KeyCredentials.EndDate -lt (Get-Date)
}

Verification Process

Check service principal sign-in logs for the last 30 days
Disable service principals showing no activity
Delete the corresponding app registration

Implementing MFA Requirements

Assessing MFA Status

Navigate to Authentication Methods > User Registration Details to identify users without MFA: ...

2 min · Me